隐私政策

隐私政策简介与概述

我们制定了本隐私政策（版本 24.02.2025-122952900），旨在根据 通用数据保护条例（EU）2016/679 以及适用的国家法律，向您说明我们作为数据控制者——以及我们委托的数据处理者（如服务提供商）——处理、将来会处理哪些个人数据（以下简称数据），以及您拥有哪些法律权利。所使用的术语应视为性别中立。
简而言之： 我们会向您全面告知我们处理的您的任何个人数据。

隐私政策通常听起来非常技术化，并使用法律术语。然而，本隐私政策旨在尽可能简单透明地向您描述最重要的内容。只要有助于提升透明度，技术 术语会以易于阅读的方式进行解释，相关链接 会提供更多信息，并且 图形 被使用。因此，我们以清晰简明的语言告知，只有在有法律依据的情况下，我们才会在业务活动中处理个人数据。这绝不是通过简短、不清晰和法律技术性的表述所能做到的，而这在涉及数据保护时在互联网上却很常见。希望您觉得以下说明有趣且具有参考价值。也许您还能发现一些您之前不了解的信息。
如果您仍有疑问，请联系我们下方或在网站印记中注明的负责人，点击现有链接并查看第三方网站上的更多信息。当然，您也可以在网站印记中找到我们的联系方式。

适用范围

本隐私政策适用于本公司处理的所有个人数据以及由我们委托的公司（数据处理方）处理的所有个人数据。个人数据一词是指《通用数据保护条例》第4条第1款意义上的信息，如个人的姓名、电子邮件地址和邮寄地址。处理个人数据确保我们能够提供和结算我们的服务和产品，无论是线上还是线下。本隐私政策的适用范围包括：

• 我们运营的所有在线平台（网站、网店）
• 社交媒体平台和电子邮件通信
• 智能手机及其他设备的移动应用程序

简而言之： 本隐私政策适用于公司通过上述渠道以结构化方式处理个人数据的所有领域。如果我们在这些渠道之外与您建立法律关系，我们会在必要时另行通知您。

法律依据

在以下隐私政策中，我们为您提供有关法律原则和法规的透明信息，即《通用数据保护条例》的法律依据，使我们能够处理个人数据。
凡涉及欧盟法律时，我们指的是2016年4月27日欧洲议会和理事会的(EU) 2016/679号条例。您当然可以在EUR-Lex（欧盟法律门户网站）上在线查阅欧盟的《通用数据保护条例》，网址为 https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679.

我们仅在以下至少一项条件适用时处理您的数据：

1. 同意 （《通用数据保护条例》第6条第1款a项）：您已同意我们为特定目的处理数据。例如，您在联系表单中输入的数据被存储。
2. 合同 （《通用数据保护条例》第6条第1款b项）：我们为履行与您的合同或合同前义务而处理您的数据。例如，如果我们与您签订销售合同，我们需要提前获取您的个人信息。
3. 法律义务 （《通用数据保护条例》第6条第1款c项）：如果我们受到法律义务约束，我们将处理您的数据。例如，我们在法律上有义务为会计保存发票，这些发票通常包含个人数据。
4. 合法利益 （《通用数据保护条例》第6条第1款f项）：在不限制您的基本权利的合法利益情况下，我们保留处理个人数据的权利。例如，我们必须处理某些数据，以便能够安全且经济地运营我们的网站。因此，这种处理属于合法利益。

其他条件，如出于公共利益进行录音、行使官方权力以及保护重要利益，通常不适用于我们。如果此类法律依据相关，将在适当位置予以披露。

除了欧盟条例外，国家法律也适用：

• 在 奥地利 这是奥地利数据保护法（Datenschutzgesetz），简称 DSG.
• 在 德国 这是联邦数据保护法（联邦数据保护法），简称 BDSG.

如果适用其他地区或国家法律，我们将在以下部分告知您。

存储期限

我们的一般标准是仅在绝对必要的情况下才存储个人数据，以便提供我们的服务和产品。这意味着，一旦数据处理的任何理由不再存在，我们就会删除个人数据。在某些情况下，即使原始目的不再存在，我们也有法律义务继续保存某些数据，例如用于会计目的。

如果您希望删除您的数据，或希望撤销您对数据处理的同意，只要没有继续存储的义务，数据将尽快被删除。

我们将在下文告知您各自数据处理的具体期限，如果我们有进一步的信息。

根据通用数据保护条例的权利

根据GDPR第13、14条，我们告知您以下权利，以确保数据的公平和透明处理：

• 根据DSGVO第15条，您有权获知我们是否正在处理有关您的数据。如果是，您有权获得数据副本并了解以下信息：
  • 我们出于什么目的进行处理；
  • 类别，即被处理的数据类型；
  • 谁接收这些数据，以及如果数据被转移到第三国，如何保证安全性；
  • 数据将被存储多长时间；
  • 存在更正、删除或限制处理的权利以及有权反对处理；
  • 您可以向监管机构投诉（这些机构的链接见下文）；
  • 如果我们不是从您那里收集的数据，数据的来源；
  • 是否进行画像分析，即是否自动评估数据以得出您的个人画像。
• 您有根据《通用数据保护条例》第16条更正数据的权利，这意味着如果您发现错误，我们必须更正数据。
• 您有根据《通用数据保护条例》第17条删除数据（“被遗忘权”）的权利，这特别意味着您可以请求删除您的数据。
• 根据《通用数据保护条例》第18条，您有权限制处理，这意味着我们只能存储数据，而不能进一步使用。
• 根据《通用数据保护条例》第20条，您有权进行数据可携带性，这意味着我们会应您的请求以标准格式向您提供您的数据。
• 根据《通用数据保护条例》第21条，您有权提出异议，这将导致在执行后处理方式发生变化。
  • 如果您的数据处理基于第6条第1款(e)项（公共利益、行使官方权力）或第6条第1款(f)项（合法利益），您可以对处理提出异议。我们将尽快检查是否可以依法遵守该异议。
  • 如果数据被用于进行直接广告，您可以随时反对此类数据处理。之后我们将不再使用您的数据进行直接营销。
  • 如果数据被用于进行画像分析（profiling），您可以随时反对此类数据处理。之后我们将不再使用您的数据进行画像分析。
• 根据《通用数据保护条例》第22条，您有权不受仅基于自动化处理（例如画像分析）的决定的约束。
• 您有权根据《通用数据保护条例》第77条提出投诉。这意味着如果您认为个人数据的处理违反了GDPR，您可以随时向数据保护机构投诉。

简而言之： 您拥有权利——请随时与我们上方列出的负责人联系！

如果您认为您的数据处理违反了数据保护法，或您的数据保护权利以其他方式受到侵犯，您可以向监管机构投诉。对于奥地利来说，这就是数据保护局，其网站可在 https://www.dsb.gv.at/在德国，每个联邦州都有一名数据保护官。如需更多信息，您可以联系联邦数据保护与信息自由专员。 数据保护与信息自由专员（BfDI）我们公司的主管本地数据保护机构如下：

数据处理协议（DPA）

在本节中，我们将解释什么是数据处理协议以及为什么需要它。由于“数据处理协议”这个术语较长，本文中我们通常简称为DPA。像大多数公司一样，我们并不是单独运作，也会使用其他公司或个人的服务。通过与不同公司或服务提供商合作，我们可能会将个人数据交由其处理。这些合作伙伴则作为处理方，我们会与其签订合同，即所谓的数据处理协议（DPA）。最重要的是，您的个人数据的任何处理都仅根据我们的指示进行，并且必须由DPA进行规范。

谁是处理方？

作为公司和网站所有者，我们对我们处理的您的所有数据负责。除了控制方外，还可能涉及所谓的处理方。这包括任何处理您个人数据的公司或个人。更准确地说，根据GDPR的定义，这意味着：任何处理您个人数据的自然人或法人、机构、组织或其他实体都被视为处理方。因此，处理方可以是主机或云服务提供商、支付或通讯服务提供商，或像谷歌、微软这样的大公司。

为了让术语更易理解，以下是GDPR三种角色的概览：

数据主体 （您作为客户或潜在客户）→ 控制者 （我们作为公司和合同实体）→ 处理者 （服务提供商，如网络主机或云服务提供商）

数据处理协议的内容

如上所述，我们已与作为处理者的合作伙伴签订了数据处理协议（DPA）。首先，该协议规定处理者仅按照GDPR的规定处理数据。合同必须以书面形式签订，尽管电子合同的完成也被视为“书面合同”。只有在签订该合同后，才会进行任何个人数据的处理。合同必须包含以下内容：

• 对我们作为控制者的说明
• 控制者的义务和权利
• 数据主体的类别
• 个人数据的类型
• 数据处理的类型和目的
• 数据处理的主体和期限
• 数据处理的位置

此外，合同包含了处理方的所有义务。最重要的义务包括：

• 确保数据安全措施
• 采取可能的技术和组织措施以保护数据主体的权利
• 维护数据处理记录
• 根据要求与数据保护机构合作
• 对收到的任何个人数据进行风险分析
• 只有在控制方书面同意的情况下才能指定子处理方

您可以在以下位置查看DPA的示例： https://gdpr.eu/data-processing-agreement/。此链接显示了一份合同样本。

Cookies（Cookies）

什么是Cookies？

我们的网站使用HTTP Cookie来存储用户特定的数据。
接下来我们将解释什么是Cookie以及为什么要使用它们，以便您能更好地理解下面的隐私政策。

每当您浏览互联网时，您都在使用浏览器。常见的浏览器有Chrome、Safari、Firefox、Internet Explorer和Microsoft Edge。例如，大多数网站会在您的浏览器中存储小型文本文件，这些文件被称为Cookie。

需要注意的是，Cookie是非常有用的小助手。几乎每个网站都会使用Cookie。更准确地说，这些是HTTP Cookie，因为还有其他用途的Cookie。HTTP Cookie是我们的网站在您的计算机上存储的小文件。这些Cookie文件会自动放入Cookie文件夹中，这个文件夹是您浏览器的“大脑”。一个Cookie由名称和值组成。此外，为了定义一个Cookie，还必须指定一个或多个属性。

Cookie会存储关于您的某些用户数据，例如语言或个人页面设置。当您重新打开我们的网站再次访问时，您的浏览器会将这些“与用户相关”的信息提交回我们的网站。多亏了Cookie，我们的网站知道您是谁，并为您提供熟悉的设置。在某些浏览器中，每个Cookie都有自己的文件，而在其他浏览器（如Firefox）中，所有Cookie都存储在一个文件中。

下图显示了网页浏览器（如Chrome）与Web服务器之间可能的交互。Web浏览器请求一个网站，并从服务器接收一个Cookie。然后，当请求另一个页面时，浏览器会再次使用这个Cookie。

Cookie分为第一方Cookie和第三方Cookie。第一方Cookie由我们的网站直接创建，而第三方Cookie则由合作网站（如Google Analytics）创建。每个Cookie都必须单独评估，因为每个Cookie存储的数据不同。Cookie的过期时间也从几分钟到几年不等。Cookie不是软件程序，不包含病毒、木马或其他恶意软件。Cookie也无法访问您电脑的信息。

以下是Cookie文件可能的样子示例：

名称： _ga
数值： GA1.2.1326744211.152122952900-9
用途： 区分网站访客
到期日期： 2年后

浏览器应支持以下最小尺寸：

• 每个Cookie至少4096字节
• 每个域名至少50个Cookie
• 总共至少3000个Cookie

有哪些类型的Cookie？

我们使用的具体Cookie取决于所使用的服务，这将在本隐私政策的以下部分中进行说明。首先，我们将简要介绍不同类型的HTTP Cookie。

有4种不同类型的Cookie：

必要性Cookie
这些Cookie对于确保网站的基本功能是必需的。例如，当用户将商品加入购物车后，继续浏览其他网站，稍后返回以结账时，这些Cookie可以确保购物车不会被清空，即使用户关闭了浏览器窗口。

功能性Cookie
这些Cookie收集有关用户行为的信息，以及用户是否收到任何错误信息。此外，这些Cookie还记录网站的加载时间以及其在不同浏览器中的表现。

目标导向型Cookie
这些Cookie确保更好的用户友好性。因此，诸如之前输入的位置、字体大小或表单中的数据等信息会被保存。

广告Cookie
这些 cookie 也被称为定向 cookie。它们的目的是向用户投放定制广告。这可能非常实用，但有时也相当烦人。

当您第一次访问某个网站时，通常会被询问您希望接受哪些类型的 cookie。此外，您的选择当然也会被存储在一个 cookie 中。

如果您想了解更多关于 cookie 的信息，并且不介意技术文档，我们推荐 https://tools.ietf.org/html/rfc6265，即互联网工程任务组（IETF）的“HTTP 状态管理机制”请求评议（RFC）。

通过 cookie 进行处理的目的

具体目的最终取决于各自的 cookie。您可以在下文或设置该 cookie 的软件制造商处了解更多详细信息。

处理哪些数据？

Cookie 是各种任务的小帮手。不幸的是，无法一概而论 cookie 中通常存储哪些数据，但在下方的隐私政策中，我们会告知您哪些数据被处理或存储。

Cookie 的存储期限

存储期限取决于各自的 cookie，具体将在下文进一步说明。有些 cookie 在不到一小时后就会被删除，而有些则可能在计算机上保留数年。

您也可以自行影响存储期限。您可以随时在浏览器中手动删除所有Cookie（另见下文“反对权”）。此外，基于同意的Cookie将在您撤回同意后被删除。直到那时，存储的合法性仍然有效。

反对权——我如何删除Cookie？

您可以自行决定是否以及如何使用Cookie。无论Cookie来自哪个服务或网站，您始终可以选择删除、禁用或仅部分接受Cookie。例如，您可以阻止第三方Cookie，但允许所有其他Cookie。

如果您想了解浏览器中存储了哪些Cookie，或者想更改或删除Cookie设置，您可以在浏览器设置中找到此选项：

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

如果您通常不想要Cookie，可以将浏览器设置为在即将设置Cookie时通知您。这样，您就有机会手动决定是否允许或拒绝每一个Cookie的设置。此操作因浏览器而异。因此，最好在Google中搜索相关说明。如果您使用的是Chrome，可以在Google中输入“删除Cookie Chrome”或“禁用Cookie Chrome”等搜索词。

法律依据

所谓的“Cookie指令”自2009年起就已存在。它规定存储Cookie需要您的 同意 （《通用数据保护条例》第6条第1款a项）。然而，在欧盟各国，对这些指导方针的反应仍然有很大差异。然而，在奥地利，该指令已在《电信法》（2021年）第165条第3款中实施。在德国，Cookie指令尚未作为国家法律实施。相反，该指令主要在《电信媒体法》（TMG）第15条第3款中实施，自2024年5月起已被《数字服务法》（DSA）取代。

对于绝对必要的Cookie，即使未获得同意，也存在合法利益（《通用数据保护条例》第6条第1款f项），在大多数情况下，这些利益具有经济性质。我们希望为访问我们网站的访客提供愉快的用户体验。为此，某些Cookie通常是绝对必要的。

这仅在您同意的情况下进行，除非使用的是绝对必要的Cookie。其法律依据为《通用数据保护条例》第6条第1款a项。

在以下章节中，您将找到有关Cookie使用的更多详细信息，前提是所用软件确实使用了Cookie。

申请数据

什么是申请数据？

您可以通过电子邮件、在线表格或招聘工具向我们公司申请职位。我们在申请过程中收到和处理的所有数据都被视为申请数据。这包括个人数据，如姓名、出生日期、地址和电话号码。

我们为什么要处理申请数据？

我们处理您的数据是为了对所招聘岗位进行合适的筛选。此外，我们可能会将您的申请材料保存在我们的候选人档案库中。很多时候，我们对某位候选人及其申请印象深刻，但由于各种原因无法合作。在您同意的情况下，我们会存档您的资料，以便将来有合适机会时能方便地与您联系。

我们向您保证，我们会以最高的谨慎处理您的数据，并始终在法律框架内进行处理。在公司内部，您的数据只会与直接参与您申请流程的人员共享。简而言之：您的数据在我们这里很安全！

处理哪些数据？

例如，当您通过电子邮件申请时，我们自然会收到上述提到的个人数据。即使是电子邮件地址本身也被视为个人数据。在申请过程中，只有与决定是否欢迎您加入我们团队相关的数据会被处理。

具体处理的数据主要取决于职位招聘信息。然而，通常包括您的姓名、出生日期、联系方式和资格证明。如果您通过在线表格提交申请，数据会以加密形式传输给我们。如果您通过电子邮件发送申请，则不会进行加密，我们无法对传输方式负责。一旦数据存储在我们的服务器上，我们将负责其合法处理。

在申请过程中，也可能会要求您提供有关健康状况或族裔背景的信息。这有助于我们遵守与劳动法、社会保障和社会保护相关的法律义务。这些被视为特殊类别数据。

以下是我们可能收到和处理的数据列表：

• 姓名
• 联系地址
• 电子邮件地址
• 电话号码
• 出生日期
• 求职信和简历中的信息
• 资格证明（例如证书）
• 特殊类别数据（例如，种族来源、健康数据、宗教信仰）
• 使用数据（访问过的网站、访问数据等）
• 元数据（IP地址、设备信息）

数据会被保存多久？

如果您加入我们的团队，您的数据将被进一步用于雇佣目的，并至少保留至雇佣关系结束。所有申请文件随后将成为您的员工档案的一部分。

如果我们未向您提供职位，您拒绝我们的录用或撤回申请，我们可能会基于合法利益（GDPR第6条第1款f项）在申请流程结束后最多保留您的数据6个月。之后，电子数据和纸质文件都将被彻底删除或销毁。我们保留您的数据，例如用于回答后续问题或在法律纠纷中提供申请证明。如果发生法律纠纷且我们需要在6个月后继续保留数据，我们只会在没有保留理由后删除数据。如果有法定的保存义务，我们必须将数据保存超过6个月。

此外，如果您明确同意，我们可能会更长时间地保留您的数据。这种情况可能发生在我们认为未来有合作潜力时。在这种情况下，您的数据将被纳入我们的候选人库。当然，您可以随时撤回对延长保存的同意。如果未撤回且未给予新的同意，您的数据将在最多2年后被删除。

法律依据

处理您数据的法律依据为GDPR第6条第1款a项（同意）、第6条第1款b项（合同或合同前措施）、第6条第1款f项（合法利益）以及第9条第2款a项（处理特殊类别数据）。

如果我们将您纳入我们的候选人工具，这是基于您的同意（GDPR第6条第1款a项）。我们强调，您同意加入候选人库是自愿的，不影响申请流程，并且可以随时撤回。撤回前的处理合法性不受影响。

In cases where vital interests are at stake, data processing occurs under Art. 9(2)(c) GDPR. For purposes related to healthcare, occupational medicine, medical diagnosis, provision of health or social care, or the management of systems and services in health or social care, data is processed under Art. 9(2)(h) GDPR. If you voluntarily provide special category data, processing is based on Art. 9(2)(a) GDPR.

Customer Data

What is customer data?

In order to be able to offer our services and contractual services, we also process data from our customers and business partners. This data always includes personal data. Customer data is all information that is processed on the basis of contractual or pre-contractual agreements so that the offered services can be provided. Customer data is therefore all the information we collect and process about our customers.

我们为什么要处理客户数据？

我们收集和处理客户数据有很多原因。主要原因是我们确实需要特定的数据来提供我们的服务。有时候，例如您的电子邮件地址就足够了。但如果您购买了产品或服务，我们可能还需要您的姓名、地址、银行信息或其他合同数据。这些数据随后将用于市场营销和销售优化，以便我们能够提升整体服务质量。另一个重要的数据处理原因是我们的客户服务，这对我们来说非常重要。我们希望您随时可以就我们的产品或服务向我们咨询。因此，我们至少需要您的电子邮件地址等某些数据。

处理哪些数据？

具体存储哪些数据只能通过将其分类来展示。总的来说，这始终取决于您使用了我们的哪项服务。在某些情况下，您可能只需提供电子邮件地址，以便我们联系您或回答您的问题。在其他情况下，您可能会购买我们的产品或服务。那么我们可能需要更多的信息，例如您的联系方式、支付信息和合同信息。

以下是我们可能接收和处理的潜在数据列表：

• 姓名
• 联系地址
• 电子邮件地址
• 电话号码
• 您的生日
• 支付数据（发票、银行信息、支付历史等）
• 合同数据（期限、内容）
• 使用数据（访问过的网站、访问数据等）
• 元数据（IP地址、设备信息）

数据会被保存多久？

我们会在不再需要相关客户数据以履行合同义务和目的时，以及数据对可能的保修和责任义务也不再必要时，立即删除这些数据。例如，当一项商业合同结束时就可能出现这种情况。此后，通常的诉讼时效为3年，个别情况下可能更长。当然，我们也会遵守法定的保存要求。您的客户数据绝不会被转交给第三方，除非您已明确同意。

法律依据

处理您数据的法律依据为《通用数据保护条例》第6条第1款a项（同意）、第6条第1款b项（合同或合同前措施）、第6条第1款f项（合法利益），以及特殊情况下（如医疗服务）第9条第2款（处理特殊类别数据）。

在保护重要利益的情况下，数据处理依据GDPR第9条第2款c项进行。为医疗保健、职业医学、医学诊断、健康或社会领域的护理或治疗，或为健康或社会领域的系统和服务管理之目的，个人数据的处理依据GDPR第9条第2款h项进行。如果您自愿提供这些特殊类别的数据，处理将基于GDPR第9条第2款a项。

注册

如果您在我们这里注册并提供任何个人数据，这些数据可能会被处理，并可能与您的IP地址一起处理。下面您可以了解我们所说的“个人数据”这一较为广泛的术语的含义。

请仅输入我们注册所需的数据。如果您代表第三方注册，请仅输入您已获得该方批准的数据。如有可能，请使用一个您未在其他地方使用过的安全密码，并使用您经常查收的电子邮件地址。

在下文中，我们将向您说明我们所进行的数据处理的具体类型。毕竟，我们希望您对我们提供的服务感到安心！

什么是注册？

当您注册时，我们会保留您的某些数据，以便您能够轻松地在线登录并使用您的账户。拥有我们的账户的好处是您不必每次都重新输入所有信息。这节省了时间和精力，并最终避免了我们服务提供过程中的任何问题。

我们为什么要处理个人数据？

简而言之，我们处理个人数据是为了让您能够注册账户并使用账户。如果我们不这样做，您每次都需要输入所有数据，等待我们的批准，然后再次输入所有信息。这个繁琐的过程不仅可能让我们有些烦恼，也会让许多亲爱的客户感到不便。

处理哪些数据？

您在注册或登录时提供的任何数据，以及您在管理账户数据时可能输入的任何数据。

在注册过程中，我们会处理以下类型的数据：

• 名字
• 姓氏
• 电子邮件地址
• 公司名称
• 街道+门牌号
• 居住地
• 邮政编码
• 国家

在您注册期间，我们会处理您输入的所有数据，例如您的用户名和密码，以及在后台收集的数据，如您的设备信息和IP地址。

在使用您的账户时，我们会处理您在使用账户过程中输入的所有数据，以及您使用我们的服务时产生的任何数据。

存储时间

我们会将所输入的数据至少保存至与该数据关联的账户在我们这里存在且被使用期间，并且只要您与我们之间存在合同义务。如果合同终止，我们会保留数据直到相关索赔时效届满。此外，只要我们有法律存储义务，我们也会保存您的数据（如适用）。在此之后，我们会将合同的所有会计记录（发票、合同文件、账户对账单等）保存10年（§ 147 AO），其他相关业务文件保存6年（§ 247 HGB），自其产生之日起。

反对权

您已经注册、输入了数据并希望撤销数据处理？没问题。如上所示，根据《通用数据保护条例》，您在注册、登录或创建账户时及之后，仍然保有此权利。请联系上述数据保护官以行使您的权利。如果您已经拥有我们的账户，可以在您的账户中轻松查看和管理您的数据和文本。

法律依据

完成注册流程后，您与我们达成了一个合同前协议，目的是签订我们平台的使用合同（尽管没有自动付款义务）。您投入时间输入数据并注册，作为回报，我们在您登录系统并查看客户账户后为您提供服务。我们也履行我们的合同义务。最后，我们需要能够通过电子邮件向注册用户通知重要变更。适用《通用数据保护条例》第6条第1款(b)项（履行合同前措施、履行合同）。

如适用，我们会征求您的同意，例如在您自愿提供超出绝对必要范围的数据时，或在我们询问您是否同意接收广告时。此事项适用《通用数据保护条例》第6条第1款(a)项（同意）。

我们也有合法利益了解我们的客户是谁，以便在需要时与其联系。我们还需要知道谁在使用我们的服务，以及是否按照我们的使用条款使用，即本事项适用《通用数据保护条例》第6条第1款(f)项（合法利益）。

注意：以下部分需由用户根据需要勾选：

使用真实姓名注册

由于业务运营需要我们了解客户身份，因此只能用您的真实姓名（全名）注册，不能使用化名。

使用化名注册

您可以使用化名注册，这意味着您无需使用真实姓名注册。这确保了您的真实姓名不会被我们处理。

IP地址的存储

在注册、登录和账户使用过程中，我们会出于安全原因存储您的IP地址，以便能够确定合法使用。

公开资料

用户资料是公开可见的，即部分资料无需输入用户名和密码也可在互联网上查看。

双因素认证（2FA）

双因素认证（2FA）在登录时提供额外的安全性，例如防止您在没有智能手机的情况下登录。这项用于保护您账户的技术措施，即使您的用户名和密码泄露，也能防止数据丢失或未经授权的访问。在您的注册流程、登录或账户内部，您可以了解所使用的2FA类型。

网站托管

什么是网站托管？

如今，每当您访问一个网站时，某些信息——包括个人数据——都会被自动创建和存储，这个网站也不例外。这些数据应尽量少处理，并且必须有充分理由。我们所说的网站，指的是您域名下的所有网页的总和，即从主页到最后一个子页面（就像您现在看到的这个页面）。我们所说的域名，指的是 example.uk 或 examplepage.com。

当您想在屏幕上查看一个网站时，您会使用一个叫做网页浏览器的程序。您可能知道一些网页浏览器的名字：Google Chrome、Microsoft Edge、Mozilla Firefox 和 Apple Safari。

网页浏览器必须连接到另一个存储网站代码的计算机：即网页服务器。运营网页服务器既复杂又耗时，因此通常由专业服务商来完成。他们提供网站托管服务，从而确保网站数据的可靠和无故障存储。

每当您电脑上的浏览器（无论是台式机、笔记本还是智能手机）建立连接，以及每当有数据在网页服务器之间传输时，个人数据都有可能被处理。毕竟，您的计算机会存储数据，而网页服务器也必须在一段时间内保留这些数据，以确保其正常运行。

示意图：

我们为什么要处理个人数据？

数据处理的目的包括：

1. 网站的专业托管和运营安全
2. 维护运营和IT安全
3. 匿名评估访问模式以改进我们的服务，并在必要时用于起诉或追索权利。

处理哪些数据？

即使您正在访问我们的网站，我们的网站服务器（即存储该网站的计算机）通常也会自动保存如下数据：

• 所访问网站的完整地址（URL）（例如：https://www.examplepage.uk/examplesubpage.html?tid=122952900）
• 浏览器及其版本（例如：Chrome 87）
• 所使用的操作系统（例如：Windows 10）
• 之前访问页面的地址（URL）（引用网址）（例如：https://www.examplepage.uk/icamefromhere.html/）
• 访问网站的设备的主机名和IP地址（例如：COMPUTERNAME 和 194.23.43.121）
• 日期和时间
• 在所谓的网络服务器日志文件中

数据会被保存多久？

通常，上述数据会被保存两周，然后自动删除。我们不会将这些数据传递给他人，但无法排除在发生非法行为时，相关部门可能会查看这些数据的可能性。

简而言之： 您的访问已被我们的服务提供商（在专用计算机（服务器）上运营我们网站的公司）记录，但未经您的同意，我们不会传递您的数据！

法律依据

在网络托管背景下处理个人数据的合法性依据于《通用数据保护条例》第6条第1款f项（维护合法利益），因为使用专业托管服务商是为了在互联网上以安全且用户友好的方式展示公司形象，并在必要时能够追踪任何攻击和索赔。

其他网站托管

我们网站托管的联系方式：

服务：Cloudways
提供商：Cloudways Ltd., 52 Springvale, Pope Pius XII Street, Mosta MST2653, 马耳他
服务器位置：法兰克福

您可以在该服务商的 隐私政策.

网站分析

什么是网站分析？

我们在网站上使用被称为网站分析的软件，以评估网站访客的行为。因此，分析工具提供商（也称为跟踪工具）会收集、存储、管理和处理数据。通过这些数据，我们作为网站运营者可以获得用户在我们网站上的行为分析。大多数工具还提供各种测试选项。例如，这些选项可以让我们测试访客更喜欢哪些内容或产品。为此，我们可能会在有限的时间内向您展示两个不同的内容或产品。测试结束后（即所谓的A/B测试），我们就知道网站访客更感兴趣的是哪个产品或内容。为了进行此类测试以及其他各种分析，会创建用户画像，并将相关数据存储在Cookie中。

我们为什么要进行网站分析？

我们对网站有一个明确的目标：我们希望打造业内最好的市场网站。因此，我们希望为您提供最优质、最有趣的内容和最舒适的访问体验。通过网站分析工具，我们可以观察网站访客的行为，并据此为您和我们自身不断优化网站。例如，我们可以了解访客的平均年龄、来源、网站访问高峰时段，以及哪些内容或产品特别受欢迎。所有这些信息都有助于我们优化网站，并根据您的需求、兴趣和愿望进行调整。

处理哪些数据？

具体存储哪些数据取决于所使用的分析工具。但通常会存储您在我们网站上浏览的内容，以及例如您点击了哪些按钮或链接、何时打开页面、使用了哪种浏览器、使用了哪种设备（PC、平板、智能手机等）访问网站，或使用了哪种计算机系统。如果您同意收集位置信息，这些数据也可能由网站分析工具的提供商处理。

此外，您的IP地址也会被存储。根据《通用数据保护条例》（GDPR），IP地址属于个人数据。但您的IP地址通常会以假名化形式存储（即以不可识别和缩写的形式）。不会为测试、网站分析和网站优化目的存储如您的姓名、年龄、地址或电子邮件地址等可直接关联的数据。如果收集了这些数据，也会以假名化形式保存。因此，这些数据无法用于识别您的个人身份。

以下示例展示了Google Analytics作为基于客户端、通过JavaScript代码进行网站跟踪的功能。

各自数据的存储期限始终取决于提供商。有些 Cookie 只保留数据几分钟或直到您离开网站，而其他 Cookie 则可以存储数据数年。

数据处理期限

如果我们有关于数据处理期限的更多信息，您将在下方找到。我们通常只在绝对必要的情况下，为了提供产品和服务而处理个人数据。如果法律有要求，例如会计目的，存储期限可能会延长。

反对权

您也有权随时撤销对 Cookie 或第三方提供商使用的同意。这可以通过我们的 Cookie 管理工具或其他选择退出功能实现。例如，您还可以通过在浏览器中管理、禁用或删除 Cookie 来阻止 Cookie 的数据处理。

法律依据

使用网站分析需要您的同意，我们已通过 Cookie 弹窗获得您的同意。根据 《通用数据保护条例》第6条第1款a项（同意），该同意构成处理个人数据（如通过网站分析工具收集）的法律依据。

除了同意之外，我们还有分析网站访问者行为的合法利益，这使我们能够在技术和经济上改进我们的服务。通过网站分析，我们可以识别网站错误、发现攻击并提高盈利能力。其法律依据为 《通用数据保护条例》第6条第1款f项（合法利益）。但我们仅在您同意的情况下才使用这些工具。

由于网络分析工具使用了Cookie，我们建议您阅读我们的Cookie隐私政策。如果您想了解哪些数据被存储和处理，您应阅读相关工具的隐私政策。

如有可用，关于特定网络分析工具的信息可在以下章节中找到。

Google Analytics隐私政策

什么是Google Analytics？

在我们的网站上，我们使用了由美国公司Google Inc.提供的Google Analytics 4（GA4）版本的分析追踪工具。对于欧洲地区，所有Google服务均由Google Ireland Limited（地址：Gordon House, Barrow Street Dublin 4, Ireland）负责。Google Analytics会收集您在我们网站上的操作数据。通过结合Cookie、设备ID和登录信息等多种技术，您可以作为用户在不同设备间被识别。这也使得您的操作能够跨平台进行分析。

例如，当您点击某个链接时，此事件会被存储在Cookie中并发送到Google Analytics。通过我们从Google Analytics获得的报告，我们可以更好地根据您的需求调整我们的网站和服务。接下来，我们将为您提供有关该追踪工具的更多信息，并特别告知您所处理的数据以及您如何防止数据被处理。

Google Analytics 是一种用于网站流量分析的跟踪工具。这些测量和分析的基础是一个伪匿名的用户识别号码。该号码不包含姓名或地址等个人身份信息，但用于将事件分配到某个设备。GA4 采用基于事件的模型，能够详细捕捉用户交互信息，如页面浏览、点击、滚动和转化事件。此外，GA4 融入了多种机器学习功能，以更好地理解用户行为和某些趋势。GA4 通过机器学习能力进行建模，这意味着可以根据收集到的数据推断缺失数据，从而优化分析并提供预测。

为了让 Google Analytics 正常运行，我们在网站代码中嵌入了跟踪代码。当您访问我们的网站时，该代码会记录您在我们网站上执行的各种事件。借助 GA4 的基于事件的数据模型，我们作为网站运营者可以定义和跟踪特定事件，以获得用户交互的分析。这不仅让我们能够追踪点击或页面浏览等一般信息，还能追踪对我们业务重要的特定事件，例如提交联系表单或完成购买。

一旦您离开我们的网站，这些数据会被发送到 Google Analytics 服务器并存储。

Google 会处理这些数据，我们会收到关于您用户行为的报告。这些报告可能包括以下内容：

• 受众报告：受众报告帮助我们更好地了解用户，并更准确地把握哪些人对我们的服务感兴趣。
• 广告报告：广告报告让我们更容易分析和改进我们的在线广告。
• 获客报告：获客报告为我们提供了有关如何吸引更多人使用我们服务的有用信息。
• 行为报告：在这里，我们可以了解您如何与我们的网站互动。我们可以追踪您在我们网站上的路径以及您点击了哪些链接。
• 转化报告：转化是指您因营销信息而采取的某个行动，例如从网站访客变为买家或订阅了我们的通讯。通过这些报告，我们可以洞察我们的营销活动对您的影响，目的是提升我们的转化率。
• 实时报告：通过实时报告，我们可以看到当前我们网站上正在发生什么。例如，我们可以看到目前有多少用户正在阅读这段文字。

除了上述分析报告外，Google Analytics 4 还提供以下功能：

• 基于事件的数据模型：该模型捕捉我们网站上可能发生的特定事件，例如播放视频、进行购买或订阅我们的新闻通讯。
• 高级分析功能：通过这些功能，我们可以更好地了解您在我们网站上的行为或某些总体趋势。例如，我们可以对用户群体进行细分，对目标受众进行对比分析，或追踪您在我们网站上的路径。
• 预测建模：基于收集到的数据，可以通过机器学习推断缺失数据，以预测未来的事件和趋势。这有助于我们制定更好的营销策略。
• 跨平台分析：可以从网站和应用程序收集和分析数据。这使我们能够分析跨平台的用户行为，前提是您已同意数据处理。

我们为什么在网站上使用 Google Analytics？

我们建立这个网站的目标很明确：我们希望为您提供尽可能好的服务。Google Analytics 的统计数据和信息帮助我们实现这一目标。

经过统计评估的数据让我们清楚地了解了我们网站的优势和劣势。一方面，我们可以优化网站，使其更容易被感兴趣的人在 Google 上找到。另一方面，这些数据帮助我们更好地了解您作为访客。我们确切地知道需要改进网站的哪些方面，以便为您提供最佳服务。这些数据还帮助我们以更个性化和更具成本效益的方式开展广告和营销活动。毕竟，只向感兴趣的人展示我们的产品和服务才有意义。

Google Analytics 会存储哪些数据？

借助跟踪代码，Google Analytics 会创建一个与您的浏览器 Cookie 相关联的随机唯一 ID。这样，Google Analytics 就会将您识别为新用户，并为您分配一个用户 ID。当您再次访问我们的网站时，系统会将您识别为“回访”用户。所有收集到的数据都会与该用户 ID 一起存储，从而可以评估伪匿名的用户画像。

要使用 Google Analytics 分析我们的网站，必须在跟踪代码中插入一个属性 ID。然后数据会存储在相应的属性中。对于每个新创建的属性，默认是 Google Analytics 4 属性。数据存储的时长取决于所使用的属性。

通过诸如 Cookie、应用实例 ID、用户 ID 或自定义事件参数等标识符，如果您已同意，您的互动会在各个平台上被测量。互动包括您在我们网站上执行的所有类型的操作。如果您还使用其他 Google 系统（如 Google 账户），通过 Google Analytics 生成的数据可以与第三方 Cookie 关联。除非我们作为网站运营者授权，或者法律要求，Google 不会披露 Google Analytics 数据。

据 Google 称，Google Analytics 4 不会记录或存储 IP 地址。然而，Google 会使用 IP 地址数据来推断位置信息，并随后立即删除。所有来自欧盟用户的 IP 地址在数据存储到数据中心或服务器之前都会被删除。

由于 GA4 侧重于基于事件的数据，该工具相比之前的版本（如 Google Universal Analytics）使用的 Cookie 明显减少。不过，GA4 仍然会使用一些特定的 Cookie。这些可能包括：

名称：_ga
值：2.1326744211.152122952900-5
用途：默认情况下，analytics.js 使用 _ga Cookie 来存储用户 ID。它用于区分网站访问者。
过期时间：2 年后

名称： _gid
数值： 2.1687193234.152122952900-1
用途： 此 Cookie 也用于区分网站访问者。
过期时间： 24小时后

名称： gat_gtag_UA 值：1
用途： 用于降低请求率。如果通过 Google 标签管理器部署 Google Analytics，则该 Cookie 名称为 dc_gtm。
过期时间： 1分钟后

注意： 此列表并不详尽，因为 Google 可能会不时更改其 Cookie 的选择。GA4 旨在提升数据隐私，并提供多种控制数据收集的选项。例如，我们可以自行决定存储期限并控制数据。

以下是我们为您提供的 Google Analytics 收集的主要数据类型概览：

热力图： Google 会生成热力图，显示您点击的具体区域。这为我们提供了有关您在我们网站上互动的信息。

会话时长： Google将会话时长定义为您在我们网站上停留且未离开的时间。如果您20分钟内无操作，会话将自动结束。

跳出率： 跳出率指的是您只浏览了我们网站的一个页面后就离开。

账户创建： 如果您在我们网站上创建账户或下订单，Google Analytics会收集这些数据。

位置： IP地址不会在Google Analytics中被记录或存储。但位置信息会在IP地址被删除前短暂获取。

技术信息： 技术信息包括您的浏览器类型、互联网服务提供商和屏幕分辨率等。

来源： Google Analytics 关注的是将您带到我们网站的来源网站或广告。

附加数据可能包括联系信息、评论、媒体播放（例如，您在我们网站上播放视频）、通过社交媒体分享内容或添加到收藏夹。此列表并不详尽，仅作为 Google Analytics 数据存储的一般指南。

数据存储在哪里以及存储多长时间？

Google 在全球范围内部署了服务器。您可以在以下网址找到有关 Google 数据中心位置的详细信息： https://www.google.com/about/datacenters/locations/?hl=en

您的数据分布在多个物理存储设备上。这确保了更快的数据访问速度和更好的防篡改保护。每个 Google 数据中心都为您的数据制定了应急方案。在硬件故障或自然灾害的情况下，Google 的服务中断风险仍然很低。

数据的保留期限取决于所使用的属性。每个属性的存储时长都是单独设置的。Google Analytics 为我们提供了四种控制存储时长的选项：

• 2 个月：这是最短的存储期限。
• 14 个月：默认情况下，GA4 中的数据会存储 14 个月。
• 26 个月：数据也可以存储 26 个月。
• 数据只能手动删除。

此外，还有一种选择，即仅当您在所选时间段内未访问我们的网站时，数据才会被删除。在这种情况下，每当您在规定的时间范围内重新访问我们的网站时，保留期都会被重置。

一旦定义的期限到期，数据会每月删除一次。此保留期适用于与 Cookie、用户标识和广告 ID（例如 DoubleClick 域的 Cookie）相关的数据。报告结果基于汇总数据，并独立于用户数据进行存储。汇总数据是将单个数据合并为更大单位的数据。

我如何删除我的数据或防止数据存储？

根据欧盟的数据保护法律，您有权访问、更新、删除或限制您的数据。通过使用用于停用 Google Analytics JavaScript（analytics.js、gtag.js）的浏览器插件，您可以防止 Google Analytics 4 使用您的数据。您可以在以下网址下载并安装该浏览器插件： https://tools.google.com/dlpage/gaoptout?hl=en 请注意，此插件仅禁用 Google Analytics 的数据收集。

如果您想要禁用、删除或管理 Cookie，您可以在“Cookie”部分找到最常见浏览器的相关说明。

法律依据

使用 Google Analytics 需要您的同意，我们已通过 Cookie 弹窗获得您的同意。根据 《通用数据保护条例》第6条第1款a项，此同意构成在通过网络分析工具收集过程中可能发生的个人数据处理的法律依据。

除了获得同意外，我们还有合法利益分析网站访问者的行为，以在技术和经济上改进我们的服务。通过使用 Google Analytics（谷歌分析），我们可以识别网站错误、检测攻击并提高效率。其法律依据为 《通用数据保护条例》第6条第1款(f)项 （合法利益）。但我们仅在您同意的情况下才使用 Google Analytics（谷歌分析）。

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

我们希望已经为您提供了关于 Google Analytics（谷歌分析）数据处理的最重要信息。如果您想了解更多关于该追踪服务的信息，建议访问以下链接： https://marketingplatform.google.com/about/analytics/terms/en/ 和 https://support.google.com/analytics/answer/6004245?hl=en

如果您想了解更多关于数据处理的信息，可以查阅谷歌隐私政策： https://policies.google.com/privacy?hl=en.

数据处理协议（DPA）Google Analytics（谷歌分析）

根据《通用数据保护条例》第28条，我们与 Google Analytics（谷歌分析）签订了数据处理协议（DPA）。关于 DPA 的具体内容，尤其是 DPA 必须包含哪些内容，您可以在我们的通用部分“数据处理协议（DPA）”中阅读。

根据法律要求，必须签订此合同，因为 Google Analytics 代表我们处理个人数据。该合同明确规定，Google Analytics 只能按照我们的指示处理他们从我们这里收到的数据，并且必须遵守 GDPR。您可以在下方找到数据处理条款的链接 https://business.safety.google/intl/en/adsprocessorterms/.

Google Analytics 关于人口特征和兴趣的报告

我们已启用 Google Analytics 的广告报告功能。这些关于人口特征和兴趣的报告包含有关年龄、性别和兴趣的详细信息。通过这些报告，我们可以更好地了解我们的用户——而无需将任何数据分配给个人。您可以在以下网址了解更多关于广告功能的信息 请访问 https://support.google.com/analytics/answer/3450482?hl=zh-CN&amputm_id=ad.

您可以在“广告设置”中终止使用您的 Google 账户活动和信息，网址为 https://adssettings.google.com/authenticated 通过复选框。

Google Analytics 电子商务衡量

我们还在我们的网站上使用了 Google Analytics 的电子商务衡量功能。这使我们能够非常精确地分析您和其他所有客户如何与我们的网站互动。电子商务衡量主要关注购买行为。基于获得的数据，我们可以根据您的需求和期望调整和优化我们的服务。通过这些数据，我们还可以更有针对性地使用我们的在线广告措施，仅向对我们的产品或服务感兴趣的人展示广告。电子商务衡量功能会记录例如哪些订单已下单、您决定购买某产品所花费的时间、平均订单价值或运费等。所有这些数据都可以在特定 ID 下被记录和存储。

同意模式下的 Google Analytics

根据您的同意，Google Analytics 会在所谓的“同意模式”下处理您的个人数据。您可以选择是否接受 Google Analytics 的 cookie，从而决定 Google Analytics 可以处理哪些您的数据。保留的数据主要用于衡量网站上的用户行为、投放定向广告以及为我们提供网站分析报告。通常，您会通过 cookie 同意工具同意 Google 的数据处理。如果您不同意数据处理，则只会收集和处理汇总数据。这意味着数据无法分配给单个用户，因此不会为您创建用户画像。您还可以选择仅同意统计测量，这意味着您的任何个人数据都不会被用于广告或广告测量相关的处理。

Google Analytics IP 匿名化

我们已在本网站实施了 Google Analytics 的 IP 地址匿名化功能。Google 开发了此功能，以便本网站能够遵守适用的隐私法律以及当地数据保护机构的建议，如果他们禁止保留任何完整的 IP 地址。
IP 地址的匿名化或掩码处理会在其到达 Google Analytics 数据收集网络时立即进行，但在数据被保存或处理之前。

您可以在以下位置找到有关 IP 匿名化的更多信息 https://support.google.com/analytics/answer/2763052?hl=en.

无 Cookie 的 Google Analytics

我们在网站上使用 Google Analytics（简称 GA），但不会在您的浏览器中设置 Cookie。上文我们已经解释了什么是 Cookie。无论您是否记得这些解释——这里有一段专门针对 GA 的简要信息：Cookie 用于在您的设备浏览器中存储对 GA 有用的数据。由于不再使用 Cookie，您的任何个人数据都不会存储在 Cookie 中，因此不会为您创建用户画像。虽然 Google Analytics 仍可进行各种测量和网络分析，但为此收集的数据仅存储在 Google 的服务器上，因此您的隐私得到了更大程度的尊重和保护。

Google Tag Manager 隐私政策

什么是 Google Tag Manager？

我们的网站使用了 Google 公司（Google Inc.，地址：1600 Amphitheatre Parkway Mountain View, CA 94043, USA）提供的 Google Tag Manager。
该 Tag Manager 是 Google 众多实用营销产品之一。通过它，我们可以集中集成和管理我们网站上使用的各种跟踪工具的代码片段。

在本隐私声明中，我们将更详细地解释 Google Tag Manager 的作用、我们为何使用它以及您的数据被处理的范围。

Google Tag Manager 是一种组织工具，借助它我们可以通过用户界面集中集成和管理网站标签。标签是一些小的代码片段，例如用于跟踪您在我们网站上的活动。为此，会将 JavaScript 代码片段集成到我们网站的源代码中。这些标签通常来自 Google 的内部产品，如 Google Ads 或 Google Analytics，但也可以通过该管理器集成和管理其他公司的标签。由于标签的功能不同，它们可以收集浏览器数据、为营销工具提供数据、嵌入按钮、设置 Cookie 并跨多个网站跟踪用户。

我们为什么要在网站上使用 Google Tag Manager？

众所周知：有条理很重要！当然，这也适用于我们网站的维护。为了尽可能好地为您以及对我们产品和服务感兴趣的所有人组织和设计我们的网站，我们依赖于各种跟踪工具，例如 Google Analytics。
收集到的数据可以让我们了解您最感兴趣的内容，我们应该改进哪些服务，以及还应向哪些其他人展示我们的服务。此外，为了使这些跟踪工具正常工作，我们必须在网站上实现相关的 JavaScript 代码。虽然理论上我们可以将每个跟踪工具的每段代码分别集成到源代码中，但这会耗费太多时间，并且会让我们失去整体把控。这就是我们使用 Google Tag Manager 的原因。我们可以轻松地集成所需的脚本，并在一个地方进行管理。此外，Google Tag Manager 的用户界面操作简单，无需编程技能。因此，我们可以轻松地在标签的“丛林”中保持有序。

Google 标签管理器存储了哪些数据？

标签管理器本身是一个既不使用 Cookie 也不存储数据的域。它仅作为已实施标签的“管理员”运作。数据由不同网站分析工具的各个标签收集。因此，在 Google 标签管理器中，数据会被发送到各个跟踪工具，而不会被保存。

然而，对于集成了不同网站分析工具（如 Google Analytics）的标签来说，情况则有所不同。根据所使用的分析工具，会通过 Cookie 收集、存储和处理您在互联网上的各种行为数据。请阅读我们关于数据保护的相关文本，了解我们网站上使用的具体分析和跟踪工具的更多信息。

我们通过标签管理器的账户设置允许 Google 接收来自我们的匿名数据。但这仅限于我们标签管理器的使用情况，并不涉及通过代码片段保存的您的数据。我们允许 Google 及其他方以匿名形式接收选定的数据。因此，我们同意以匿名方式传输我们网站的数据。然而，即使经过广泛的研究，我们也无法确切得知被传输的汇总和匿名数据具体包括哪些。我们所知道的是，Google 删除了任何可以识别我们网站的信息。Google 会将这些数据与数百个其他匿名网站的数据结合起来，并作为基准测试措施的一部分创建用户趋势。基准测试是一种将公司的业绩与竞争对手进行比较的过程。由此，可以根据收集到的信息优化流程。

数据会被存储多长时间以及存储在哪里？

当 Google 存储数据时，是在 Google 自己的服务器上完成的。这些服务器遍布全球，大多数位于美国。于 https://www.google.com/about/datacenters/inside/locations/?hl=en 您可以详细阅读 Google 服务器的具体位置。

在我们关于不同工具的数据保护文本中，您可以了解到各自跟踪工具存储您数据的时长。

我如何删除我的数据或防止数据被保存？

Google 标签管理器本身不会设置任何 Cookie，而是管理不同跟踪网站的标签。在我们关于不同跟踪工具的数据保护文本中，您可以详细了解如何删除或管理您的数据。

请注意，使用此工具时，您的数据也可能会被存储和处理在欧盟以外的地区。大多数第三国（包括美国）根据现行欧洲数据保护法并不被视为安全。除非我们与非欧洲服务提供商之间有适当的保障措施（如欧盟标准合同条款），否则不得将数据传输、存储和处理到不安全的第三国。

法律依据

使用 Google Tag Manager 需要您的同意，我们已通过我们的 Cookie 弹窗获得了您的同意。根据 《通用数据保护条例》第6条第1款a项（同意），此同意是处理个人数据的法律依据，例如通过网络分析工具收集数据时。

除了同意之外，我们还有分析网站访问者行为、从而在技术和经济上改进我们服务的合法利益。借助 Google Tag Manager，我们还可以提高盈利能力。其法律依据是 《通用数据保护条例》第6条第1款f项（合法利益）。只有在您同意的情况下，我们才会使用 Google Tag Manager。

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

如果您想了解更多关于 Google Tag Manager 的信息，我们建议您访问他们的常见问题解答： https://support.google.com/tagmanager/?hl=en#topic=3441530.

电子邮件营销

什么是电子邮件营销？

我们使用电子邮件营销让您随时了解最新信息。如果您同意接收我们的电子邮件或通讯，您的数据将被处理和存储。电子邮件营销是在线营销的一部分。在这种营销方式中，有关公司、产品或服务的新闻或一般信息会通过电子邮件发送给对此感兴趣的特定人群。

如果您想参与我们的电子邮件营销（通常是通过通讯），通常只需用您的电子邮件地址注册即可。为此，您需要填写并提交一个在线表格。不过，我们也可能会要求您提供称谓和姓名，以便我们在邮件中能以个人化的方式称呼您。

通讯注册通常采用所谓的“双重确认程序”。在您于我们网站注册通讯后，您会收到一封电子邮件，通过该邮件可以确认通讯注册。这确保了您拥有所注册的电子邮件地址，并防止他人用第三方邮箱注册。我们或我们使用的通知工具会记录每一次注册。这是为了确保并证明注册过程的合法性和正确性。通常会存储注册和确认的时间，以及您的IP地址。此外，您对我们存档数据的任何更改也会被记录。

我们为什么要使用电子邮件营销？

当然，我们希望与您保持联系，并让您及时了解公司最重要的新闻。为此，我们使用电子邮件营销——通常称为“通讯”——作为我们在线营销的重要组成部分。如果您同意或法律允许，我们会通过电子邮件向您发送通讯、系统邮件或其他通知。下文中提到的“通讯”主要是指定期发送的电子邮件。我们当然不希望以任何方式打扰您，因此我们真诚地努力只提供相关且有趣的内容。在我们的邮件中，您可以了解更多关于我们公司及其服务或产品的信息。由于我们不断改进我们的产品和服务，通讯会为您带来最新消息或特别优惠。如果我们委托服务提供商为我们的电子邮件营销提供专业的邮件工具，这也是为了向您提供快速且安全的通讯。我们的电子邮件营销目的是让您了解新产品和优惠，同时也推动我们的业务目标。

处理哪些数据？

如果您通过我们的网站订阅了我们的新闻通讯，您需要通过我们发送给您的电子邮件确认您在我们的邮件列表中的会员资格。除了您的IP和电子邮件地址外，您的姓名、地址和电话号码也可能被存储。但只有在您同意数据保存的情况下才会这样做。所有被标记为必填的数据都是为了让您能够参与所提供的服务。提供这些信息是自愿的，但如果不提供，您将无法使用该服务。此外，关于您的设备信息或您在我们网站上偏好的内容类型的信息也可能被存储。在“自动数据存储”部分，您可以了解更多关于您访问网站时数据如何被存储的信息。我们会记录您的知情同意，以便我们始终能够证明其符合法律规定。

数据处理期限

如果您从我们的电子邮件/新闻通讯分发列表中退订，我们可能会基于我们的合法利益将您的地址保存长达三年，以便我们能够保留您当时同意的证明。只有在我们需要为自己辩护以应对任何索赔时，我们才被允许处理这些数据。

然而，如果您确认已同意订阅我们的新闻通讯，您可以随时提交个人删除请求。此外，如果您永久反对您的同意，我们保留将您的电子邮件地址存储在黑名单中的权利。但只要您自愿订阅了我们的新闻通讯，我们当然会保留您的电子邮件地址。

撤回——我如何取消订阅？

您可以随时选择取消您的新闻通讯订阅。您只需撤销对新闻通讯订阅的同意即可。这通常只需几秒钟或几次点击。大多数情况下，您会在每封邮件的末尾找到一个链接，通过该链接即可取消订阅。如果您在新闻通讯中找不到该链接，您可以通过电子邮件联系我们，我们会立即为您取消新闻通讯订阅。

法律依据

我们的新闻通讯是基于您的 同意 （《通用数据保护条例》第6条第1款a项）。这意味着只有在您事先主动注册的情况下，我们才被允许向您发送新闻通讯。此外，如果您成为我们的客户并且未反对将您的电子邮件地址用于直邮，我们还可以根据《反不正当竞争法》第7条第3款向您发送广告信息。

如有适用——您可以在以下章节中找到关于特殊电子邮件营销服务及其如何处理个人数据的信息。

HubSpot电子邮件隐私政策

我们还使用电子邮件营销工具HubSpot Email。该服务的提供商是美国公司HubSpot Inc.，地址为25 First Street, Cambridge, MA 02141, USA。

HubSpot 在美国等地处理您的数据。HubSpot 是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，HubSpot 还使用所谓的标准合同条款（GDPR 第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储到第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，HubSpot 承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也保持欧洲数据保护水平。这些条款基于欧盟委员会的执行决定。
您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在隐私政策中了解通过使用 HubSpot Email 处理的数据和标准合同条款，详情请见 https://legal.hubspot.com/privacy-policy.

HubSpot Email 在美国的数据存储

HubSpot 在美国等地处理您的数据。HubSpot 是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，HubSpot 还使用所谓的标准合同条款（GDPR 第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储到第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，HubSpot 承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也保持欧洲数据保护水平。这些条款基于欧盟委员会的执行决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

他们的数据处理协议（与标准合同条款相对应）可在以下网址找到 https://legal.hubspot.com dpa.

HubSpot Email 在欧盟的数据存储

HubSpot 在欧盟（EU）内存储和处理您的数据。数据托管在德国的数据中心，备份地点在爱尔兰。这确保 HubSpot 在处理您的个人数据时，符合《通用数据保护条例》（GDPR）的要求。

有关 HubSpot 如何处理数据的更多信息，请访问： https://legal.hubspot.com/dpa.

社交媒体

什么是社交媒体？

除了我们的网站外，我们还活跃于各种社交媒体平台。为了能够通过社交网络有针对性地接触感兴趣的用户，用户数据可能会被处理。此外，社交媒体平台的元素也可能直接嵌入我们的网站。例如，当您点击我们网站上的社交按钮并被直接转到我们的社交媒体主页时，就会出现这种情况。所谓社交媒体是指注册会员可以与其他会员公开或在特定群组和网络中创建和交流内容的网站和应用程序。

我们为什么要使用社交媒体？

For years, social media platforms have been the place where people communicate and get into contact online. With our social media presence, we can familiarise interested people better with our products and services. The social media elements integrated on our website help you switch to our social media content quickly and hassle free.

The data that is retained and processed when you use a social media channel is primarily used to conduct web analyses. The aim of these analyses is to be able to develop more precise and personal marketing and advertising strategies. The evaluated data on your behaviour on any social media platform can help to draw appropriate conclusions about your interests. Moreover, so-called user profiles can be created. Thus, the platforms may also to present you with customised advertisements. For this, cookies are usually placed in your browser, which store data on your user behaviour.

We generally assume that we will continue to be responsible under Data Protection Law, even when using the services of a social media platform. However, the European Court of Justice has ruled that, within the meaning of Art. 26 GDPR, in certain cases the operator of the social media platform can be jointly responsible with us. Should this be the case, we will point it out separately and work on the basis of a related agreement. You will then find the essence of the agreement for the concerned platform below.

Please note that when you use social media platforms or our built-in elements, your data may also be processed outside the European Union, as many social media channels, such as Facebook or Twitter, are American companies. As a result, you may no longer be able to easily claim or enforce your rights regarding your personal data.

处理哪些数据？

Exactly which data are stored and processed depends on the respective provider of the social media platform. But usually it is data such as telephone numbers, email addresses, data you enter in contact forms, user data such as which buttons you click, what you like or who you follow, when you visited which pages, as well as information about your device and IP address. Most of this data is stored in cookies. Should you have a profile on the social media channel you are visiting and are logged in, data may be linked to your profile.

All data that are collected via social media platforms are also stored on the providers’ servers. This means that only the providers have access to the data and can provide you with appropriate information or make changes for you.

If you want to know exactly which data is stored and processed by social media providers and how you can object to the data processing, we recommend you to carefully read the privacy policy of the respective company. We also recommend you to contact the provider directly if you have any questions about data storage and data processing or if you want to assert any corresponding rights.

数据处理期限

Provided we have any further information on this, we will inform you about the duration of the data processing below. The social media platform Facebook example stores data until they are no longer needed for the company’s own purposes. However, customer data that is synchronised with your own user data is erased within two days. Generally, we only process personal data for as long as is absolutely necessary for the provision of our services and products. This storage period can also be exceeded however, if it is required by law, such as e.g. in the case of accounting.

反对权

You also retain the right and the option to revoke your consent to the use of cookies or third-party providers such as embedded social media elements at any time. This can be done either via our cookie management tool or via other opt-out functions. You can e.g. also prevent data collection via cookies by managing, deactivating or erasing cookies in your browser.

Since cookies may be used with social media tools, we also recommend you to read our privacy policy on cookies. If you want to find out which of your data is stored and processed, we advise you to read the privacy policies of the respective tools.

法律依据

If you have consented to the processing and storage of your data by integrated social media elements, this consent serves as the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, provided you have given your consent, your data will also be stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) in maintaining fast and good communication with you and other customers and business partners. Nevertheless, we only use the tools if you have consented. Most social media platforms also set cookies on your browser to store data. We therefore recommend you to read our privacy policy on cookies carefully and to take a look at the privacy policy or cookie policy of the respective service provider.

in the following section you can find information on special social media platforms – provided this information is available.

Facebook Privacy Policy

What are Facebook tools?

We use selected Facebook tools on our website. Facebook is a social media network of the company Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland. With the aid of this tool we can provide the best possible offers to you and anyone interested in our products and services.

If your data is collected and forwarded via our embedded Facebook elements or via our Facebook page (fanpage), both we and Facebook Ireland Ltd. are responsible for this. However, should any further processing occur, then Facebook is solely responsible for this data. Our joint commitments were also set out in a publicly available agreement at https://www.facebook. com / legal / controller_addendum . It e.g. states that we must clearly inform you about the use of Facebook tools on our website. We are also responsible for ensuring that the tools are securely integrated into our website and are in accordance with the applicable privacy laws. Facebook, on the other hand, is e.g. responsible for the data security of Facebook’s products. If you have any questions about Facebook’s data collection and processing, you can contact the company directly. Should you direct the question to us, we are obliged to forward it to Facebook.

In the following we will give you an overview on the different Facebook tools, as well as on what data is sent to Facebook and how you can erase this data.

Along with many other products, Facebook also offers so called “Facebook Business Tools”. This is Facebook’s official name for its tools, but it is not very common. Therefore, we decided to merely call them “Facebook tools”. They include the following:

• Facebook-Pixel
• 社交插件（例如“赞”或“分享”按钮）
• Facebook 登录
• 账户工具包
• API（应用程序编程接口）
• SDK（软件开发工具包）
• 平台集成
• 插件
• 代码
• 规范
• 文档
• Technologies and Services

With these tools Facebook can extend its services and is able to receive information on user activities outside of Facebook.

Why do we use Facebook tools on our website?

We only want to show our services and products to people who are genuinely interested in them. With the help of advertisements (Facebook Ads) we can reach exactly these people. However, to be able to show suitable adverts to users, Facebook requires additional information on people’s needs and wishes. Therefore, information on the user behaviour (and contact details) on our website, are provided to Facebook. Consequently, Facebook can collect better user data and is able to display suitable adverts for our products or services. Thanks to the tools it is possible to create targeted, customised ad campaigns of Facebook.

Facebook calls data about your behaviour on our website “event data” and uses them for analytics services. That way, Facebook can create “campaign reports” about our ad campaigns’ effectiveness on our behalf. Moreover, by analyses we can get a better insight in how you use our services, our website or our products. Therefore, some of these tools help us optimise your user experience on our website. With the social plugins for instance, you can share our site’s contents directly on Facebook.

What data is stored by Facebook tools?

With the use of Facebook tools, personal data (customer data) may be sent to Facebook. Depending on the tools used, customer data such as name, address, telephone number and IP address may be transmitted.

Facebook uses this information to match the data with the data it has on you (if you are a Facebook member). However, before the customer data is transferred to Facebook, a so called “Hashing” takes place. This means, that a data record of any size is transformed into a string of characters, which also has the purpose of encrypting data.

Moreover, not only contact data, but also “event data“ is transferred. These data are the information we receive about you on our website. To give an example, it allows us to see what subpages you visit or what products you buy from us. Facebook does not disclose the obtained information to third parties (such as advertisers), unless the company has an explicit permission or is legally obliged to do so. Also, “event data“ can be linked to contact information, which helps Facebook to offer improved, customised adverts. Finally, after the previously mentioned matching process, Facebook deletes the contact data.

To deliver optimised advertisements, Facebook only uses event data, if they have been combined with other data (that have been collected by Facebook in other ways). Facebook also uses event data for the purposes of security, protection, development and research. Many of these data are transmitted to Facebook via cookies. Cookies are little text files, that are used for storing data or information in browsers. Depending on the tools used, and on whether you are a Facebook member, a different number of cookies are placed in your browser. In the descriptions of the individual Facebook tools we will go into more detail on Facebook cookies. You can also find general information about the use of Facebook cookies at https://www.facebook.com/policies/cookies.

How long and where are the data stored?

Facebook fundamentally stores data, until they are no longer of use for their own services and products. Facebook has servers for storing their data all around the world. However, customer data is cleared within 48 hours after they have been matched with their own user data.

How can I erase my data or prevent data retention?

In accordance with the General Data Protection Regulation (GDPR) you have the right of information, rectification, transfer and deletion of your data.

The collected data is only fully deleted, when you delete your entire Facebook account. Deleting your Facebook account works as follows:

1) Click on settings in the top right side in Facebook.

2) Then, click “Your Facebook information“ in the left column.

3) Now click on “Deactivation and deletion”.

4) Choose “Permanently delete account“ and then click on “Continue to account deletion“.

5) Enter your password, click on “continue“ and then on “Delete account“.

The retention of data Facebook receives via our site is done via cookies (e.g. with social plugins), among others. You can deactivate, clear or manage both all and individual cookies in your browser. How this can be done differs depending on the browser you use. The following instructions show, how to manage cookies in your browser:

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

If you generally do not want to allow any cookies at all, you can set up your browser to notify you whenever a cookie is about to be set. This gives you the opportunity to decide upon the permission or deletion of every single cookie.

法律依据

If you have consented to your data being processed and stored by integrated Facebook tools, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) to maintain fast and good communication with you or other customers and business partners. Nevertheless, we only use these tools if you have given your consent. Most social media platforms also set cookies on your browser to store data. We therefore recommend you to read our privacy policy about cookies carefully and to take a look at the privacy policy or Facebook’s cookie policy.

Facebook processes data from you, among other things, in the USA. Facebook respectively Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, Facebook uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Facebook commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

The Facebook Data Processing Term, which references the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

We hope we could give you an understanding of the most important information about the use of Facebook tools and data processing. If you want to find out more on how Facebook use your data, we recommend reading the data policies at https://www.facebook.com/about/privacy/update.

Facebook Lookalike Audience Privacy Policy

We also use the advertising tool Facebook Lookalike Audience. The service provider is the American company Meta Platforms Inc. For the European area, the company Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible.

Meta Platforms processes data from you, among other things, in the USA. Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, Meta Platforms uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Meta Platforms commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

The Facebook Data Processing Terms, which reference the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

You can learn more about the data processed through the use of Facebook Lookalike Audience in the Privacy Policy at https://www.facebook.com/about/privacy.

Facebook Social Plugins Privacy Policy

We installed so-called social plugins from Facebook Inc. to our website. You can recognise these buttons by the classic Facebook logo, the “Like” button (hand with raised thumb) or by a “Facebook plugin” label. A social plugin is a small part of Facebook that is integrated into our page. Each plugin has its own function. The most used functions are the well-known “Like” and “Share” buttons.

Facebook offers the following social plugins:

• “Save” button
• “Like” button, Share, Send and Quote
• Page plugin
• Comments
• Messenger plugin
• Embedded posts and video player
• Group Plugin

At https://developers.facebook.com/docs/plugins you will find more information on how the individual plugins are used. On the one hand, we use the social plug-ins to offer you a better user experience on our site, and on the other hand because Facebook can optimise our advertisements with it.

If you have a Facebook account or have already visited facebook.com, Facebook has already placed at least one cookie in your browser. In this case, your browser sends information to Facebook via this cookie as soon as you visit our website or interact with social plugins (e.g. the “Like” button).

The received information will be deleted or anonymised within 90 days. According to Facebook, this data includes your IP address, the websites you have visited, the date, time and other information relating to your browser.

In order to prevent Facebook from collecting much data and matching it with your Facebook data during your visit to our website, you must log out of Facebook while you visit our website.

If you are not logged in to Facebook or do not have a Facebook account, your browser sends less information to Facebook because you have fewer Facebook cookies. Nevertheless, data such as your IP address or which website you are visiting can be transmitted to Facebook. We would like to explicitly point out that we do not know what exact data is collected. However, based on our current knowledge, we want to try informing you as best we can about data processing. You can also read about how Facebook uses the data in the company’s data policy at https://www.facebook.com/about/privacy/update.

At least the following cookies are set in your browser when you visit a website with social plugins from Facebook:

名称： dpr
数值： no information
用途：This cookie is used to make the social plugins work on our website.
到期日期： after end of session

名称： fr
数值： 0jieyh4122952900c2GnlufEJ9..Bde09j…1.0.Bde09j
用途：该Cookie对于插件的正常运行也是必要的
到期日期： 3个月后

注意： 这些Cookie是在我们的测试后设置的，即使您不是Facebook会员也可能被放置。

如果您已注册Facebook，您可以在以下位置自行更改广告设置 https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen。如果您不是Facebook用户，您可以访问 https://www.youronlinechoices.com/uk/your-ad-choices/ 并管理您的基于使用的在线广告。在那里，您可以选择停用或启用服务提供商。

如果您想了解更多关于Facebook数据保护的信息，我们建议您查阅该公司的数据政策，网址为 https://www.facebook.com/policy.php.

Facebook粉丝专页隐私政策

我们的网站也有一个Facebook粉丝专页。该服务的提供商是美国公司Meta Platforms Inc.，欧洲地区的负责人是Meta Platforms Ireland Limited（地址：4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland）。

Facebook processes data from you, among other things, in the USA. Facebook respectively Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, Facebook uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Facebook commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

The Facebook Data Processing Term, which references the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

您可以在他们的隐私政策中了解更多关于使用Facebook时处理的数据 https://www.facebook.com/about/privacy.

Instagram Privacy Policy

What is Instagram?

We have integrated functions of Instagram to our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Since 2012, Instagram is a subsidiary company of Facebook Inc. and is a part of Facebook’s products. The inclusion of Instagram’s contents on our website is called embedding. With this, we can show you Instagram contents such as buttons, photos or videos directly on our website. If you open websites of our online presence, that have an integrated Instagram function, data gets transmitted to, as well as stored and processed by Instagram. Instagram uses the same systems and technologies as Facebook. Therefore, your data will be processed across all Facebook firms.

In the following, we want to give you a more detailed insight on why Instagram collects data, what data these are and how you can control data processing. As Instagram belongs to Facebook Inc., we have, on the one hand received this information from the Instagram guidelines, and on the other hand from Facebook’s Data Policy.

Instagram is one of the most famous social media networks worldwide. Instagram combines the benefits of a blog with the benefits of audio-visual platforms such as YouTube or Vimeo. To “Insta“ (how the platform is casually called by many users) you can upload photos and short videos, edit them with different filters and also share them to other social networks. Also, if you do not want to be active on Instagram yourself, you can just follow other interesting users.

Why do we use Instagram on our website?

Instagram is a social media platform whose success has skyrocketed within recent years. Naturally, we have also reacted to this boom. We want you to feel as comfortable as possible on our website. Therefore, we attach great importance to diversified contents. With the embedded Instagram features we can enrich our content with helpful, funny or exciting Instagram contents. Since Instagram is a subsidiary company of Facebook, the collected data can also serve us for customised advertising on Facebook. Hence, only persons who are genuinely interested in our products or services can see our ads.

Instagram also uses the collected data for tracking and analysis purposes. We receive summarised statistics and therefore more insight to your wishes and interests. It is important to mention that these reports do not identify you personally.

What data is stored by Instagram?

Whenever you land on one of our sites, which have Instagram functions (i.e. Instagram photos or plugins) integrated to them, your browser automatically connects with Instagram’s servers. Thereby, data is sent to, as well as saved and processed by Instagram. This always happens, whether you have an Instagram account or not. Moreover, it includes information on our website, your computer, your purchases, the advertisements you see and on how you use our offer. The date and time of your interaction is also stored. If you have an Instagram account or are logged in, Instagram saves significantly more data on you.

Facebook distinguishes between customer data and event data. We assume this is also the case for Instagram. Customer data are for example names, addresses, phone numbers and IP addresses. These data are only transmitted to Instagram, if they have been “hashed” first. Thereby, a set of data is transformed into a string of characters, which encrypts any contact data. Moreover, the aforementioned “event data“ (data on your user behaviour) is transmitted as well. It is also possible, that contact data may get combined with event data. The collected data data is matched with any data Instagram already has on you.

Furthermore, the gathered data are transferred to Facebook via little text files (cookies) which usually get set in your browser. Depending on the Instagram function used, and whether you have an Instagram account yourself, the amount of data that gets stored varies.

We assume data processing on Instagram works the same way as on Facebook. Therefore, if you have an account on Instagram or have visited www.instagram.com, Instagram has set at least one cookie. If this is the case, your browser uses the cookie to send information to Instagram, as soon as you come across an Instagram function. No later than 90 days (after matching) the data is deleted or anonymised. Even though we have studied Instagram’s data processing in-depth, we cannot tell for sure what exact data Instagram collects and retains.

接下来我们将向您展示在点击Instagram功能（例如按钮或Insta图片）时，您的浏览器中设置的最少Cookie列表。在我们的测试中，我们假设您没有Instagram账户，因为如果您已登录Instagram账户，您的浏览器会设置更多的Cookie。

在我们的测试中使用了以下Cookie：

名称： csrftoken
数值： “”
用途： 此Cookie很可能是出于安全原因设置的，用于防止请求伪造。我们无法获得更多相关信息。
到期日期： 一年后

名称： mid
数值： “”
用途： Instagram设置此Cookie以优化其在Instagram内外的产品和服务。该Cookie分配一个唯一的用户ID。
到期日期： after end of session

名称： fbsr_122952900124024
数值： no information
用途： 此Cookie用于存储Instagram应用用户的登录请求。
到期日期： after end of session

名称： rur
数值： ATN
用途： This is an Instagram cookie which guarantees functionality on Instagram.
到期日期： after end of session

名称： urlgen
数值： “{”194.96.75.33”: 1901}:1iEtYv:Y833k2_UjKvXgYe122952900”
用途： This cookie serves Instagram’s marketing purposes.
到期日期： after end of session

注意： We do not claim this list to be exhaustive. The cookies that are placed in each individual case, depend on the functions embedded as well as on your use of Instagram.

How long and where are these data stored?

Instagram shares the information obtained within the Facebook businesses with external partners and persons you are globally connected with. Data processing is done according to Facebook’s internal data policy. Your data is distributed to Facebook’s servers across the world, partially for security reasons. Most of these servers are in the USA.

How can I erase my data or prevent data retention?

Thanks to the General Data Protection Regulation (GDPR), you have the right of information, rectification, transfer and deletion of your data. Furthermore, you can manage your data in Instagram’s settings. If you want to delete your data on Instagram completely, you will have to delete your Instagram account permanently.

And this is how an Instagram account can be deleted:

First, open the Instagram app. Then, navigate to your profile page, select the three bars in the top right, choose “Settings” and then click “Help”. Now, you will be redirected to the company’s website, where you must click on “Managing Your Account” and then “Delete Your Account”.

When you delete your account completely, Instagram deletes posts such as your photos and status updates. Any information other people shared about you are not a part of your account and do therefore not get deleted.

As mentioned before, Instagram primarily stores your data via cookies. You can manage, deactivate or delete these cookies in your browser. Depending on your browser, managing them varies a bit. We will show you the instructions of the most relevant browsers here.

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

Generally, you can set your browser to notify you whenever a cookie is about to be set. Then you can individually decide upon the permission of every cookie.

法律依据

If you have consented to the processing and storage of your data by integrated social media elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR) . Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) to maintain fast and good communication with you or other customers and business partners. We only use the integrated social media elements if you have given your consent. Most social media platforms also place cookies in your browser to store data. We therefore recommend you to read our privacy policy about cookies carefully and to take a look at the privacy policy or the cookie policy of the respective service provider.

Instagram processes data from you, among other things, in the USA. Instagram respectively Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, Instagram uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Instagram commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

We have tried to give you the most important information about data processing by Instagram. On https://help.instagram.com/519522125107875
you can take a closer look at Instagram’s data guidelines.

Instagram Lookalike Audience Privacy Policy

We also use the advertising tool Instagram Lookalike Audience. The service provider is the American company Meta Platforms Inc. For the European area, the company Meta Platforms Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) is responsible.

Meta Platforms processes data from you, among other things, in the USA. Meta Platforms is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, Meta Platforms uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, Meta Platforms commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

The Instagram Data Processing Terms, which reference the Standard Contractual Clauses, can be found at https://www.facebook.com/legal/terms/dataprocessing.

You can learn more about the data processed through the use of Instagram Lookalike Audience in the Privacy Policy at https://privacycenter.instagram.com/policy/.

LinkedIn Privacy Policy

What is LinkedIn?

On our website we use social plugins from the social media network LinkedIn, of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Social plugins can be feeds, content sharing or a link to our LinkedIn page. Social plugins are clearly marked with the well-known LinkedIn logo and for example allow sharing interesting content directly via our website. Moreover, LinkedIn Ireland Unlimited Company Wilton Place in Dublin is responsible for data processing in the European Economic Area and Switzerland.

By embedding these plugins, data can be sent to, as well as stored and processed by LinkedIn. In this privacy policy we want to inform you what data this is, how the network uses this data and how you can manage or prevent data retention.

LinkedIn is the largest social network for business contacts. In contrast to e.g. Facebook, LinkedIn focuses exclusively on establishing business connections. Therefore, companies can present services and products on the platform and establish business relationships. Many people also use LinkedIn to find a job or to find suitable employees for their own company. In Germany alone, the network has over 11 million members. In Austria there are about 1.3 million.

Why do we use LinkedIn on our website?

We know how busy you are. You just cannot keep up with following every single social media channel. Even if it would really be worth it, as it is with our channels, since we keep posting interesting news and articles worth spreading. Therefore, on our website we have created the opportunity to share interesting content directly on LinkedIn, or to refer directly to our LinkedIn page. We consider built-in social plugins as an extended service on our website. The data LinkedIn collects also help us to display potential advertising measures only to people who are interested in our offer.

What data are stored by LinkedIn?

LinkedIn stores no personal data due to the mere integration of social plugins. LinkedIn calls the data generated by plugins passive impressions. However, if you click on a social plugin to e.g. share our content, the platform stores personal data as so-called “active impressions”. This happens regardless of whether you have a LinkedIn account or not. If you are logged in, the collected data will be assigned to your account.

When you interact with our plugins, your browser establishes a direct connection to LinkedIn’s servers. Through that, the company logs various usage data. These may include your IP address, login data, device information or information about your internet or cellular provider. If you use LinkedIn services via your smartphone, your location may also be identified (after you have given permission). Moreover, LinkedIn can share these data with third-party advertisers in “hashed” form. Hashing means that a data set is transformed into a character string. This allows data to be encrypted, which prevents persons from getting identified.

Most data on of your user behaviour is stored in cookies. These are small text files that usually get placed in your browser. Furthermore, LinkedIn can also use web beacons, pixel tags, display tags and other device recognitions.

Various tests also show which cookies are set when a user interacts with a social plug-in. We do not claim for the information we found to be exhaustive, as it only serves as an example. The following cookies were set without being logged in to LinkedIn:

名称： bcookie
数值： =2&34aab2aa-2ae1-4d2a-8baf-c2e2d7235c16122952900-
用途： 此 Cookie 是所谓的“浏览器 ID Cookie”，用于存储您的识别号码（ID）。
到期日期： 2年后

名称： lang
数值： v=2&lang=zh-cn
用途：此 Cookie 会保存您的默认或首选语言。
到期日期： after end of session

名称： lidc
数值： 1818367:t=1571904767:s=AQF6KNnJ0G122952900…
用途：此 Cookie 用于路由。路由记录您如何进入 LinkedIn 以及您如何在网站中导航。
到期日期： 24 小时后

名称： rtc
数值： kt0lrv3NF3x3t6xvDgGrZGDKkX
用途：No further information could be found about this cookie.
到期日期： after 2 minutes

名称： JSESSIONID
数值： ajax:1229529002900777718326218137
用途： This is a session cookie that LinkedIn uses to maintain anonymous user sessions through the server.
到期日期： after end of session

名称： bscookie
数值： “v=1&201910230812…
用途： This cookie is a security cookie. LinkedIn describes it as a secure browser ID cookie.
到期日期： 2年后

名称： fid
数值： AQHj7Ii23ZBcqAAAA…
用途： We could not find any further information about this cookie.
到期日期： after 7 days

注意： LinkedIn also works with third parties. That is why we identified the Google Analytics cookies _ga and _gat in our test.

How long and where are the data stored?

In general, LinkedIn retains your personal data for as long as the company considers it necessary for providing its services. However, LinkedIn deletes your personal data when you delete your account. In some exceptional cases, LinkedIn keeps some summarised and anonymised data, even account deletions. As soon as you delete your account, it may take up to a day until other people can no longer see your data. LinkedIn generally deletes the data within 30 days. However, LinkedIn retains data if it is necessary for legal reasons. Also, data that can no longer be assigned to any person remains stored even after the account is closed. The data are stored on various servers in America and presumably also in Europe.

我如何删除我的数据或防止数据被保存？

You have the right to access and delete your personal data at any time. In your LinkedIn account you can manage, change and delete your data. Moreover, you can request a copy of your personal data from LinkedIn.

How to access account data in your LinkedIn profile:

In LinkedIn, click on your profile icon and select the “Settings & Privacy” section. Now click on “Privacy” and then on the section “How LinkedIn uses your data on”. Then, click “Change” in the row with “Manage your data and activity”. There you can instantly view selected data on your web activity and your account history.

In your browser you also have the option of preventing data processing by LinkedIn. As mentioned above, LinkedIn stores most data via cookies that are placed in your browser. You can manage, deactivate or delete these cookies. Depending on which browser you have, these settings work a little different. You can find the instructions for the most common browsers here:

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

You can generally set your browser to always notify you when a cookie is about to be set. Then you can always decide individually whether you want to allow the cookie or not.

法律依据

If you have consented to the processing and storage of your data by integrated social media elements, your consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) to maintain fast and good communication with you or other customers and business partners. We only use the integrated social media elements if you have given your consent. Most social media platforms also place cookies in your browser to store data. We therefore recommend you to read our privacy policy about cookies carefully and take a look at the privacy policy or the cookie policy of the respective service provider.

LinkedIn processes data from you, among other things, in the USA. LinkedIn is an active participant in the EU-US Data Privacy Framework, which regulates the correct and secure transfer of personal data from EU citizens to the USA. More information can be found at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

Additionally, LinkedIn uses so-called Standard Contractual Clauses (Article 46(2) and (3) GDPR). Standard Contractual Clauses (SCC) are template clauses provided by the EU Commission and are designed to ensure that your data complies with European data protection standards, even when transferred and stored in third countries (such as the USA). Through the EU-US Data Privacy Framework and the Standard Contractual Clauses, LinkedIn commits to maintaining the European data protection level when processing your relevant data, even if the data is stored, processed, and managed in the USA. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding Standard Contractual Clauses here: https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

You can find more information about the standard contractual clauses at LinkedIn here: https://www.linkedin.com/legal/l/customer-sccs.

You can find out more about the data that is processed by LinkedIn in their Privacy Policy at https://www.linkedin.com/legal/privacy-policy.

Data Processing Agreement (DPA) LinkedIn

In accordance with Article 28 of the General Data Protection Regulation (GDPR), we have entered into a Data Processing Agreement (DPA) with LinkedIn. What exactly a DPA is and especially what must be included in a DPA, you can read in our general section “Data Processing Agreement (DPA)”.

This contract is required by law because LinkedIn processes personal data on our behalf. It clarifies that LinkedIn may only process data they receive from us according to our instructions and must comply with the GDPR. You can find the link to the Data Processing Agreement (DPA) under https://www.linkedin.com/legal/l/dpa?.

Cookie Consent Management Platform

What is a cookie consent management platform?

We use a Consent Management Platform (CMP) software on our website that makes it easier for us and you to handle the scripts and cookies used correctly and securely. The software automatically creates a cookie pop-up, scans and controls all scripts and cookies, provides you with the cookie consent required under data protection law and helps you and us to keep track of all cookies. Most cookie consent management tools identify and categorize all existing cookies. As a website visitor, you then decide for yourself whether and which scripts and cookies you allow or not. The following graphic shows the relationship between browser, web server and CMP.

Why do we use a cookie management tool?

Our goal is to offer you the best possible transparency in the area of ​​data protection. We are also legally obliged to do so. We want to inform you as well as possible about all tools and all cookies that can save and process your data. It is also your right to decide for yourself which cookies you accept and which you do not. In order to grant you this right, we first need to know exactly which cookies actually landed on our website. Thanks to a cookie management tool, which regularly scans the website for all cookies present, we know about all cookies and can provide you with GDPR-compliant information. You can then use the consent system to accept or reject cookies.

处理哪些数据？

As part of our cookie management tool, you can manage each individual cookie yourself and have complete control over the storage and processing of your data. The declaration of your consent is stored so that we do not have to ask you every time you visit our website and we can also prove your consent if required by law. This is saved either in an opt-in cookie or on a server. The storage time of your cookie consent varies depending on the provider of the cookie management tool. Usually this data (e.g. pseudonymous user ID, time of consent, detailed information on the cookie categories or tools, browser, device information) is stored for up to two years.

数据处理期限

We will inform you below about the duration of the data processing if we have further information. In general, we only process personal data for as long as is absolutely necessary for the provision of our services and products. Data stored in cookies are stored for different lengths of time. Some cookies are deleted after you leave the website, others may be stored in your browser for a few years. The exact duration of the data processing depends on the tool used, in most cases you should be prepared for a storage period of several years. In the respective data protection declarations of the individual providers, you will usually receive precise information about the duration of the data processing.

Right of objection

You also have the right and the option to revoke your consent to the use of cookies at any time. This works either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection by cookies by managing, deactivating or deleting cookies in your browser.

Information on special cookie management tools can be found – if available – in the following sections.

法律依据

If you agree to cookies, your personal data will be processed and stored via these cookies. If we are allowed to use cookies with your 同意 (Article 6 paragraph 1 lit. a GDPR), this consent is also the legal basis for the use of cookies and the processing of your data. In order to be able to manage the consent to cookies and to enable you to give your consent, a cookie consent management platform software is used. The use of this software enables us to operate the website in an efficient and legally compliant manner, which is a legitimate interest (Article 6 paragraph 1 lit. f GDPR).

BorlabsCookie Privacy Policy

On our website we use BorlabsCookie, which is one of the tools that store your consent to cookies. The provider of this service is the German company Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg, Germany. You can find out more about the data that is processed by the use of BorlabsCookie in their Privacy Policy at https://borlabs.io/privacy/.

Security & Anti-spam

What is Security & Anti-spam software?

So-called security & Anti-spam software can protect you and us from various spam or phishing emails and other potential cyber-attacks. Spam includes advertising emails from mass mailings that you did not sign up for yourself. Such emails are also called data garbage and can also cause costs. Other spam such as phishing emails, on the other hand, are messages that aim to gain trust via fake messages or websites in order to obtain personal information. Anti-spam software usually protects against unwanted spam messages or malicious emails that could inject viruses into our system. We also use general firewall and security systems that protect our devices from unwanted network attacks.

Why do we use Security & Anti-spam software?

We put great importance on our website’s security. After all, this is not just about our safety, but also about your safety. Unfortunately, cyber threats are now part of everyday life in the world of IT and the internet. Hackers e. g. often try to steal personal data from IT systems with the help of cyber attacks. And therefore a good defence system is absolutely necessary. A security system monitors all incoming and outgoing connections to our network or computer. In order to achieve even greater security against cyber attacks, we also use other external security services on our devices in addition to standardised security systems. Unauthorised data transmissions are thus better prevented and this is how we protect ourselves from cybercrime.

Which data are processed by Security & Anti-spam software?

The data that is collected and stored of course depends on the respective service. However, we always try to only use programs that collect data very sparingly or only store data that is necessary for the fulfilment of the offered service. In general, the service may store data such as name, address, IP address, email address and technical data such as browser type or browser version. Any performance and log data may also be collected in order to identify possible incoming threats in good time. This data will be processed as part of the provided services and in compliance with applicable laws. This also includes the GDPR for US providers (via the Standard Contractual Clauses). In some cases, security services also work with third parties who may store and/or process data under instructions and in accordance with privacy policies and other security measures. Data is usually stored using cookies.

数据处理期限

We will inform you below about the duration of data processing, provided we have further information on this. For example, security programs store data until you or we revoke data storage. In general, personal data is only stored for as long as is absolutely necessary for the provision of the services. Unfortunately, in many cases, we do not have precise information from the providers about their data storage periods.

反对权

You also have the right and the option to revoke your consent to the use of cookies or third-party security software at any time. This can be done either via our cookie management tool or via other opt-out functions. For example, you can also prevent data collection through cookies by managing, deactivating or erasing the cookies in your browser.

Since cookies may also be used with security services, we recommend you read our privacy policy on cookies. To find out exactly which of your data is stored and processed, you should read the privacy policies of the respective tools.

法律依据

We use security services mainly on the basis of our legitimate interests (Art. 6 Para. 1 lit. f GDPR) in a good security system and protection against various cyber attacks.

Certain data processing requires your consent – in particular, the use of cookies and security functions. If you have agreed to the processing and storage of your data by integrated security services, your consent is the legal basis for data processing (Article 6 (1) (a) GDPR). Most of the services we use set cookies on your browser to store data. We, therefore, recommend you read our privacy policy on cookies carefully and consult the privacy policy or cookie policy of the relevant service provider.

Information on special tools – if available – can be found in the following sections.

Google reCAPTCHA Privacy Policy

What is reCAPTCHA?

Our primary goal is to provide you an experience on our website that is as secure and protected as possible. To do this, we use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA). With reCAPTCHA we can determine whether you are a real person from flesh and bones, and not a robot or a spam software. By spam we mean any electronically undesirable information we receive involuntarily. Classic CAPTCHAS usually needed you to solve text or picture puzzles to check. But thanks to Google’s reCAPTCHA you usually do have to do such puzzles. Most of the times it is enough to simply tick a box and confirm you are not a bot. With the new Invisible reCAPTCHA version you don’t even have to tick a box. In this privacy policy you will find out how exactly this works, and what data is used for it.

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is used the most when you fill out forms on the Internet. A captcha service is a type of automatic Turing-test that is designed to ensure specific actions on the Internet are done by human beings and not bots. During the classic Turing-test (named after computer scientist Alan Turing), a person differentiates between bot and human. With Captchas, a computer or software program does the same. Classic captchas function with small tasks that are easy to solve for humans but provide considerable difficulties to machines. With reCAPTCHA, you no longer must actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing you must do there, is to tick the text field “I am not a robot”. However, with Invisible reCAPTCHA even that is no longer necessary. reCAPTCHA, integrates a JavaScript element into the source text, after which the tool then runs in the background and analyses your user behaviour. The software calculates a so-called captcha score from your user actions. Google uses this score to calculate the likelihood of you being a human, before entering the captcha. reCAPTCHA and Captchas in general are used every time bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).

Why do we use reCAPTCHA on our website?

We only want to welcome people from flesh and bones on our side and want bots or spam software of all kinds to stay away. Therefore, we are doing everything we can to stay protected and to offer you the highest possible user friendliness. For this reason, we use Google reCAPTCHA from Google. Thus, we can be pretty sure that we will remain a “bot-free” website. Using reCAPTCHA, data is transmitted to Google to determine whether you genuinely are human. reCAPTCHA thus ensures our website’s and subsequently your security. Without reCAPTCHA it could e.g. happen that a bot would register as many email addresses as possible when registering, in order to subsequently “spam” forums or blogs with unwanted advertising content. With reCAPTCHA we can avoid such bot attacks.

What data is stored by reCAPTCHA?

reCAPTCHA collects personal user data to determine whether the actions on our website are made by people. Thus, IP addresses and other data Google needs for its reCAPTCHA service, may be sent to Google. Within member states of the European Economic Area, IP addresses are almost always compressed before the data makes its way to a server in the USA. Moreover, your IP address will not be combined with any other of Google’s data, unless you are logged into your Google account while using reCAPTCHA. Firstly, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in your browser. Then reCAPTCHA sets an additional cookie in your browser and takes a snapshot of your browser window.

The following list of collected browser and user data is not exhaustive. Rather, it provides examples of data, which to our knowledge, is processed by Google.

• Referrer URL (the address of the page the visitor has come from)
• IP-address (z.B. 256.123.123.1)
• Information on the operating system (the software that enables the operation of your computers. Popular operating systems are Windows, Mac OS X or Linux)
• Cookies (small text files that save data in your browser)
• Mouse and keyboard behaviour (every action you take with your mouse or keyboard is stored)
• Date and language settings (the language and date you have set on your PC is saved)
• 所有JavaScript对象（JavaScript是一种允许网站根据用户进行自适应的编程语言。JavaScript对象可以将各种数据收集到一个名称下）
• 屏幕分辨率（显示图像显示器由多少像素组成）

谷歌可能会在你点击“我不是机器人”复选框之前就使用和分析这些数据。在Invisible reCAPTCHA版本中，甚至无需勾选，因为整个识别过程都在后台运行。此外，谷歌并未透露他们保留了哪些信息以及保留了多少数据。

reCAPTCHA使用了以下Cookie：以下列表指的是谷歌reCAPTCHA演示版本在 https://www.google.com/recaptcha/api2/demo.
出于跟踪目的，所有这些Cookie都需要一个唯一标识符。以下是谷歌reCAPTCHA在演示版本中设置的Cookie列表：

名称： IDE
数值： WqTUmlnmv_qXyi_DGNPLESKnRNrpgXoy1K-pAZtAkMbHI-122952900-8
用途： 该Cookie由DoubleClick（谷歌旗下）设置，用于记录和报告用户与广告的互动。通过它可以衡量广告效果，并采取相应的优化措施。IDE会以doubleclick.net域名存储在浏览器中。
到期日期： 一年后

名称： 1P_JAR
数值： 2019-5-14-12
用途： 该Cookie收集网站使用统计数据并衡量转化率。例如，当用户成为买家时就发生了转化。该Cookie还用于向用户展示相关广告。此外，该Cookie可以防止用户多次看到同一广告。
到期日期： after one month

名称： ANID
数值： U7j1v3dZa1229529000xgZFmiqWppRWKOr
用途： We could not find out much about this cookie. In Google’s privacy statement, the cookie is mentioned in connection with “advertising cookies” such as “DSID”, “FLC”, “AID” and “TAID”. ANID is stored under the domain google.com.
到期日期： after 9 months

名称： CONSENT
数值： YES+AT.de+20150628-20-0
用途： This cookie stores the status of a user’s consent to the use of various Google services. CONSENT also serves to prevent fraudulent logins and to protect user data from unauthorised attacks.
到期日期： after 19 years

名称： NID
数值： 0WmuWqy122952900zILzqV_nmt3sDXwPeM5Q
用途： Google uses NID to customise advertisements to your Google searches. With the help of cookies, Google “remembers” your most frequently entered search queries or your previous ad interactions. Thus, you always receive advertisements tailored to you. The cookie contains a unique ID to collect users’ personal settings for advertising purposes.
到期日期： after 6 months

名称： DV
数值： gEAABBCjJMXcI0dSAAAANbqc122952900-4
用途： This cookie is set when you tick the “I am not a robot” checkmark. Google Analytics uses the cookie personalised advertising. DV collects anonymous information and is also used to distinct between users.
到期日期： after 10 minutes

注意： We do not claim for this list to be extensive, as Google often change the choice of their cookies.

How long and where are the data stored?

Due to the integration of reCAPTCHA, your data will be transferred to the Google server. Google have not disclosed where exactly this data is stored, despite repeated inquiries. But even without confirmation from Google, it can be assumed that data such as mouse interaction, length of stay on a website or language settings are stored on the European or American Google servers. The IP address that your browser transmits to Google does generally not get merged with other Google data from the company’s other services.
However, the data will be merged if you are logged in to your Google account while using the reCAPTCHA plug-in. Google’s diverging privacy policy applies for this.

How can I erase my data or prevent data retention?

If you want to prevent any data about you and your behaviour to be transmitted to Google, you must fully log out of Google and delete all Google cookies before visiting our website or use the reCAPTCHA software. Generally, the data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at https://support.google.com/?hl=en-GB&tid=122952900.

If you use our website, you agree that Google LLC and its representatives automatically collect, edit and use data.

Please note that when using this tool, your data can also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries must not simply be transferred to, stored and processed there unless there are suitable guarantees (such as EU’s Standard Contractual Clauses) between us and the non-European service provider.

法律依据

If you have consented to the use of Google reCAPTCHA, your consent is the legal basis for the corresponding data processing. According to Art. 6 Paragraph 1 lit. a GDPR (consent) your consent is the legal basis for the processing of personal data, as can occur when processed by Google reCAPTCHA.

We also have a legitimate interest in using Google reCAPTCHA to optimise our online service and make it more secure. The corresponding legal basis for this is 《通用数据保护条例》第6条第1款f项（合法利益）. Nevertheless, we only use Google reCAPTCHA if you have given your consent to it.

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

You can find out a little more about reCAPTCHA on Google’s web developer page at https://developers.google.com/recaptcha/. Google goes into the technical development of the reCAPTCHA in more detail here, but you will look in vain for detailed information about data storage and data protection issues. A good overview of the basic use of data by Google can be found in the in-house data protection declaration at https://policies.google.com/privacy?hl=en-GB.

Audio & Video

What are audio and video elements?

We have integrated audio and video elements to our website. Therefore, you can watch videos or listen to music/podcasts directly via our website. This content is delivered by service providers and is obtained from the respective providers’ servers.

Audio and video elements are integrated functional elements of platforms such as YouTube, Vimeo or Spotify. It is usually free of charge to use these portals, but they can also contain paid content. With the integrated elements, you can listen to or view any of their content on our website.

If you use audio or video elements on our website, your personal data may get transmitted to as well as processed and retained by service providers.

Why do we use audio & video elements on our website?

We of course want to provide you with the best offer on our website. And we are aware that content is no longer just conveyed in text and static images. Instead of just giving you a link to a video, we offer you audio and video formats directly on our website. These are entertaining or informative, but ideally they are both. Our service therefore gets expanded and it gets easier for you to access interesting content. In addition to our texts and images, we thus also offer video and/or audio content.

Which data are retained by audio & video elements?

When you visit a page on our website with e.g. an embedded video, your server connects to the service provider’s server. Thus, your data will also be transferred to the third-party provider, where it will be stored. Certain data is collected and stored regardless of whether you have an account with the third party provider or not. This usually includes your IP address, browser type, operating system and other general information about your device. Most providers also collect information on your web activity. This e.g. includes the session duration, bounce rate, the buttons you clicked or information about the website you are using the service on. This data is mostly stored via cookies or pixel tags (also known as web beacons). Any data that is pseudonymised usually gets stored in your browser via cookies. In the respective provider’s Privacy Policy, you can always find more information on the data that is stored and processed.

数据处理期限

You can find out exactly how long the data is stored on the third-party provider’s servers either in a lower point of the respective tool’s Privacy Policy or in the provider’s Privacy Policy. Generally, personal data is only processed for as long as is absolutely necessary for the provision of our services or products. This usually also applies to third-party providers. In most cases, you can assume that certain data will be stored on third-party providers’ servers for several years. Data can be retained for different amounts of time, especially when stored in cookies. Some cookies are deleted after you leave a website, while others may be stored in your browser for a few years.

反对权

You also retain the right and the option to revoke your consent to the use of cookies or third-party providers at any time. This can be done either via our cookie management tool or via other opt-out functions. You can e.g. also prevent data retention via cookies by managing, deactivating or erasing cookies in your browser. The legality of the processing up to the point of revocation remains unaffected.

Since the integrated audio and video functions on our site usually also use cookies, we recommend you to also read our general Privacy Policy on cookies. You can find out more about the handling and storage of your data in the Privacy Policies of the respective third party providers.

法律依据

If you have consented to the processing and storage of your data by integrated audio and video elements, your consent is considered the legal basis for data processing (Art. 6 Para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 Para. 1 lit. f GDPR) in maintaining fast and good communication with you or other customers and business partners. We only use the integrated audio and video elements if you have consented to it.

YouTube Data API Privacy Policy

We also use the YouTube feature YouTube Data API. The provider of this service is the American company Google Inc. The responsible entity for the European region is the Irish company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Irland).

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

You can find out more about Googles’ data processing in their privacy policy at https://policies.google.com/privacy?hl=en-US.

YouTube Privacy Policy

What is YouTube?

We have integrated YouTube videos to our website. Therefore, we can show you interesting videos directly on our site. YouTube is a video portal, which has been a subsidiary company of Google LLC since 2006. The video portal is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page on our website that contains an embedded YouTube video, your browser automatically connects to the servers of YouTube or Google. Thereby, certain data are transferred (depending on the settings). Google is responsible for YouTube’s data processing and therefore Google’s data protection applies.

In the following we will explain in more detail which data is processed, why we have integrated YouTube videos and how you can manage or clear your data.

On YouTube, users can watch, rate, comment or upload videos for free. Over the past few years, YouTube has become one of the most important social media channels worldwide. For us to be able to display videos on our website, YouTube provides a code snippet that we have integrated to our website.

Why do we use YouTube videos on our website?

YouTube is the video platform with the most visitors and best content. We strive to offer you the best possible user experience on our website, which of course includes interesting videos. With the help of our embedded videos, we can provide you other helpful content in addition to our texts and images. Additionally, embedded videos make it easier for our website to be found on the Google search engine. Moreover, if we place ads via Google Ads, Google only shows these ads to people who are interested in our offers, thanks to the collected data.

What data is stored by YouTube?

As soon as you visit one of our pages with an integrated YouTube, YouTube places at least one cookie that stores your IP address and our URL. If you are logged into your YouTube account, by using cookies YouTube can usually associate your interactions on our website with your profile. This includes data such as session duration, bounce rate, approximate location, technical information such as browser type, screen resolution or your Internet provider. Additional data can include contact details, potential ratings, shared content via social media or YouTube videos you added to your favourites.

If you are not logged in to a Google or YouTube account, Google stores data with a unique identifier linked to your device, browser or app. Thereby, e.g. your preferred language setting is maintained. However, many interaction data cannot be saved since less cookies are set.

In the following list we show you cookies that were placed in the browser during a test. On the one hand, we show cookies that were set without being logged into a YouTube account. On the other hand, we show you what cookies were placed while being logged in. We do not claim for this list to be exhaustive, as user data always depend on how you interact with YouTube.

名称： YSC
数值： b9-CV6ojI5Y122952900-1
用途： This cookie registers a unique ID to store statistics of the video that was viewed.
到期日期： after end of session

名称： PREF
数值： f1=50000000
用途： This cookie also registers your unique ID. Google receives statistics via PREF on how you use YouTube videos on our website.
到期日期： after 8 months

名称： GPS
数值： 1
用途： This cookie registers your unique ID on mobile devices to track GPS locations.
到期日期： after 30 minutes

名称： VISITOR_INFO1_LIVE
数值： 95Chz8bagyU
用途： This cookie tries to estimate the user’s internet bandwith on our sites (that have built-in YouTube videos).
到期日期： after 8 months

当您登录到您的YouTube账户时会放置的其他Cookie：

名称： APISID
数值： zILlvClZSkqGsSwI/AU1aZI6HY7122952900-
用途： 此Cookie用于根据您的兴趣创建个人档案。这些数据随后用于个性化广告。
到期日期： 2年后

名称： CONSENT
数值： YES+AT.de+20150628-20-0
用途： 该Cookie存储用户对使用各种Google服务的同意状态。CONSENT还提供安全措施，以保护用户免受未经授权的攻击。
到期日期： after 19 years

名称： HSID
数值： AcRwpgUik9Dveht0I
用途： 此Cookie用于根据您的兴趣创建个人档案。这些数据有助于展示定制广告。
到期日期： 2年后

名称： LOGIN_INFO
数值： AFmmF2swRQIhALl6aL…
用途： This cookie stores information on your login data.
到期日期： 2年后

名称： SAPISID
数值： 7oaPxoG-pZsJuuF5/AnUdDUIsJ9iJz2vdM
用途： This cookie identifies your browser and device. It is used to create a profile on your interests.
到期日期： 2年后

名称： SID
数值： oQfNKjAsI122952900-
用途： This cookie stores your Google Account ID and your last login time, in a digitally signed and encrypted form.
到期日期： 2年后

名称： SIDCC
数值： AN0-TYuqub2JOcDTyL
用途： This cookie stores information on how you use the website and on what advertisements you may have seen before visiting our website.
到期日期： 3个月后

数据会被存储多长时间以及存储在哪里？

The data YouTube receive and process on you are stored on Google’s servers. Most of these servers are in America. At https://www.google.com/about/datacenters/locations/?hl=en you can see where Google’s data centres are located. Your data is distributed across the servers. Therefore, the data can be retrieved quicker and is better protected against manipulation.

Google stores collected data for different periods of time. You can delete some data anytime, while other data are automatically deleted after a certain time, and still other data are stored by Google for a long time. Some data (such as elements on “My activity”, photos, documents or products) that are saved in your Google account are stored until you delete them. Moreover, you can delete some data associated with your device, browser, or app, even if you are not signed into a Google Account.

How can I erase my data or prevent data retention?

Generally, you can delete data manually in your Google account. Furthermore, in 2019 an automatic deletion of location and activity data was introduced. Depending on what you decide on, it deletes stored information either after 3 or 18 months.

Regardless of whether you have a Google account or not, you can set your browser to delete or deactivate cookies placed by Google. These settings vary depending on the browser you use. The following instructions will show how to manage cookies in your browser:

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

If you generally do not want to allow any cookies, you can set your browser to always notify you when a cookie is about to be set. This will enable you to decide to either allow or permit each individual cookie.

法律依据

If you have consented processing and storage of your data by integrated YouTube elements, this consent is the legal basis for data processing (Art. 6 para. 1 lit. a GDPR). Generally, your data is also stored and processed on the basis of our legitimate interest (Art. 6 para. 1 lit. f GDPR) to maintain fast and good communication with you or other customers and business partners. Nevertheless, we only use integrated YouTube elements if you have given your consent. YouTube also sets cookies in your browser to store data. We therefore recommend you to read our privacy policy on cookies carefully and to take a look at the privacy policy or the cookie policy of the respective service provider.

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

Since YouTube is a subsidiary company of Google, Google’s privacy statement applies to both. If you want to learn more about how your data is handled, we recommend the privacy policy at https://policies.google.com/privacy?hl=en.

YouTube Subscribe Button Privacy Policy

We have integrated the YouTube subscribe button to our website, which you can recognise by the classic YouTube logo. The logo shows the words “Subscribe” or “YouTube” in white letters against a red background, with a white “Play” symbol on the left. The button may also be displayed in a different design.

Our YouTube channel consistently offers you funny, interesting or exciting videos. With the built-in “Subscribe” button you can subscribe to our channel directly via our website and do not need to go to YouTube’s website for it. With this feature, we want to make it as easy as possible for you to access our comprehensive content. Please note that YouTube may save and process your data.

If you see a built-in subscription button on our page, YouTube sets at least one cookie, according to Google. This cookie stores your IP address and our URL. It also allows YouTube to receive information about your browser, your approximate location and your default language. In our test the following four cookies were placed, without us being logged into YouTube:

名称： YSC
数值： b9-CV6ojI5122952900Y
用途： This cookie registers a unique ID, which stores statistics of the viewed video.
到期日期： after end of session

名称： PREF
数值： f1=50000000
用途：This cookie also registers your unique ID. Google uses PREF to get statistics on how you interact with YouTube videos on our website.
到期日期： after 8 months

名称： GPS
数值： 1
用途：This cookie registers your unique ID on mobile devices to track your GPS location.
到期日期： after 30 minutes

名称： VISITOR_INFO1_LIVE
数值： 12295290095Chz8bagyU
用途： This cookie tries to estimate the user’s internet bandwith on our website (that contain built-in YouTube video).
到期日期： after 8 months

注意： These cookies were set after a test, thus we do not claim for the list to be exhaustive.

If you are logged into your YouTube account, YouTube may store many of the actions and interactions you make on our website via cookies, to then assign them to your YouTube account. This gives YouTube information on e.g. how long you have been browsing our website, which browser type you use, which screen resolution you prefer or what actions you take.

On the one hand, YouTube uses this data to improve its own services and offers, and on the other hand to provide analyses and statistics for advertisers (who use Google Ads).

YouTube Similar Audiences Privacy Policy

We also use the advertising tool YouTube Similar Audiences. The service provider is the American company Google LLC. For the European region, the responsible entity is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland).

YouTube processes data from you, among others, in the USA. YouTube is an active participant in the EU‑US Data Privacy Framework, which ensures the proper and secure transfer of personal data of EU citizens to the USA. You can find more information here:
https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en

Furthermore, YouTube – like Google – uses Standard Contractual Clauses (Art. 46 (2) and (3) GDPR). These model clauses provided by the EU Commission ensure that your data continues to comply with European data protection standards even when it is transferred to and stored in third countries (e.g., in the USA). Through the EU‑US Data Privacy Framework and the Standard Contractual Clauses, YouTube commits to maintaining the European level of data protection in the processing of your relevant data, even if that data is stored, processed, and managed in the USA. The relevant implementation decision and the Standard Contractual Clauses can be found here:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=en

Learn more about the data processed through the use of YouTube Similar Audiences in the privacy policy at:
https://policies.google.com/privacy

YouTube IFrame Player Privacy Policy

We also use the YouTube IFrame Player to embed videos on our website. The provider of this service is the American company Google Inc. The responsible entity for the European region is the Irish company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Irland).

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

You can find out more about Googles’ data processing in their privacy policy at https://policies.google.com/privacy?hl=en-US.

YouTube-Video-Widget Privacy Policy

We also use the video widget by YouTube on our website. The provider of this service is the American company Google Inc. The responsible entity for the European region is the Irish company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Irland).

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

您可以在以下网址找到涉及标准合同条款的 Google Ads 数据处理条款： https://business.safety.google/intl/en/adsprocessorterms/

You can find out more about Googles’ data processing in their privacy policy at https://policies.google.com/privacy?hl=en-US.

Online Map Services Introduction

What are Online Map Services?

We also use online map services for our website as an extended service. Google Maps is probably the service you are most familiar with. But there are also other providers out there that specialise in creating digital maps. These services allow the display of locations, route maps or other geographical information directly via our website. Thanks to an integrated map service, you no longer have to leave our website to e. g. view the route to a location. In order to ensure that the online map can run on our website, we have integrated map sections within our HTML code. This way the services can display street maps, the earth’s surface, or aerial or satellite imagery. If you use the built-in map service, your data will be transferred to the tool used, where it will be retained. This may also include your personal data.

Why do we use Online Map Services on our website?

Generally speaking, it is imperative for us to offer you a pleasant time on our website. Of course, we know that you will most likely only enjoy your time here if you can easily find your way around and find all the information you need quickly and easily. Therefore, we decided that an online map system may be a significant optimisation of our website’s service. After all, you can use the map system to easily view route descriptions, locations or any other points of interest – without leaving our site. Needless to say, it is certainly also very practical that you can easily see where our company headquarters are so that you can find us quickly and safely. As you can see, there are just a lot of advantages – and we clearly consider online map services on our website to be part of our customer service.

What data is stored by Online Map Services?

If you open a page on our website with an online map function installed, your personal data may be transmitted to the relevant service, where it may be stored. This usually includes your IP address, which may also be used to determine your approximate location. In addition to your IP address, data such as the search terms you entered, as well as your longitude and latitude coordinates will be stored. If you e. g. enter an address for route planning, this data will also be stored. This data is not stored by us but instead on the servers of the integrated tools. You can think of it like this: You may be on our website, but when you interact with a mapping service, that interaction is actually happening on their website. Moreover, in order for the service to function properly, at least one cookie is usually set in your browser. As an example, Google Maps also uses cookies to record user behaviour, with which it can optimise its own service and offer personalised advertising. You can find out more about cookies in our “Cookies” section.

数据会被存储多长时间以及存储在哪里？

Every online map service processes different user data. Provided we have further information, we will inform you about the duration of data processing in the corresponding sections on the individual tools below. Generally, personal data is only retained for as long as is necessary to provide the service. Google Maps e. g. stores certain data for a specified period of time, but you must erase other data yourself. At Mapbox, for example, your IP address is stored for 30 days after which it is deleted. As you can see, each tool stores data for different lengths of time. We thus recommend you take a closer look at the privacy policies of the tools used.

The providers may use cookies to store data on your user behaviour in relation to their map services. You can find more information about cookies in our “Cookies” section, but in the individual providers’ privacy policies you can most probably also find out which cookies may be used. In most cases, however, this is only an indicative list and is not exhaustive.

反对权

You always have the possibility and the right to access your personal data and to object to its use and processing. You can also revoke the consent you gave to us at any time. This is usually easiest through the cookie consent tool. However, there are other opt-out tools that you can use. You can also manage, erase or deactivate any cookies set by the used providers yourself with just a few mouse clicks. However, this may lead to some service functions stopping to work as usual. It also depends on your browser how you can manage cookies there. In our “Cookies” section you will find links to instructions of the most popular browsers.

法律依据

If you have agreed to the use of an online map service, the legal basis for the corresponding data processing is this consent. According to Article 6 Paragraph 1 lit. (consent) this consent is the legal basis for the processing of personal data as may occur when collected by an online map service.

We also have a legitimate interest in using an online map service to optimise our service on our website. The corresponding legal basis for this is Article 6 (1) (f) GDPR (legitimate interests). However, we only use an online map service if you have given your consent. We definitely wanted to stress this point once again.

You can find information on specific online map services – if available – in the following sections.

Google Maps Privacy Policy

What is Google Maps?

On our website we use Google Maps of the company Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). With the use of Google Maps, we can show you locations in a better way and can therefore adjust our service to your needs. Due to the utilisation of Google Maps, data gets transferred to Google and is saved on Google’s servers. In the following, we want to explain in detail what Google Maps is, why we use this Google service, what data is stored and how you can prevent this.

Google Maps is an internet maps service of the company Google Inc. With Google Maps you can search for exact locations of cities, sights, accommodations or businesses online via a PC, a tablet or an app. If businesses are represented on Google My Business, the respective location as well as other information about the company are shown there. In order to show route directions, a location’s map sections can be integrated in a website through a HTML-code. Google Maps depicts the earth’s surface as either a road map or as air and satellite images. Due to the street view and high-quality satellite images, it is possible for exact representations to be made.

Why do we use Google Maps on our website?

The efforts we make on this page have the goal of giving you a useful and meaningful experience on our website. Through the integration of Google Maps, we can offer you essential information on various locations. Therefore, you can spot our office address with one glance. Furthermore, the route directions always show you the best and fastest way to us. You can retrieve the route directions for traveling either by car, by public transport, on foot or by bike. The integration of Google Maps is a part of our customer service.

What data is stored by Google Maps?

For Google Maps to offer its full services, the company must collect and store your data. This includes your entered search terms, your IP-address as well as your longitude and latitude coordinates. When you use the route-planner function, the entered start address is stored also. However, this data retention happens on Google Maps‘ websites. We can only inform you about it but cannot influence it in any way. Since we have included Google Maps on our website, Google will set at least one cookie (Name: NID) into your browser. This cookie saves data on your user behaviour. Google primarily uses this data to optimise ist own services and to provide you with individual, personalised advertisements.

The following cookies are set in your browser due to the integration of Google Maps:

名称： NID
数值： 188=h26c1Ktha7fCQTx8rXgLyATyITJ122952900-5
用途： Google uses NID in order to adjust advertisments to your Google searches. With the cookie’s help Google “remembers“ your most frequently entered search queries or your previous interaction with ads. That way you always receive customised adertisments. The cookie contains a unique ID, wich Google uses to collect your personal settings for advertising porposes.
Expiration date: after 6 months

注意： We cannot guarantee completeness of the information on saved data. This is, because especially concerning the use of cookies, changes can happen anytime. To identify the cookie NID, a test page was created, to which Google Maps was included.

数据会被存储多长时间以及存储在哪里？

There are Google servers in data centres across the entire planet. However, most servers are in America. For this reason, your data is widely stored in the USA. Here you can read in detail about where the Google servers are located: https://www.google.com/about/datacenters/locations/?hl=en

Google distributes data to various data carriers. This makes it possible to retrieve the data faster and to better protect it from possible attempted manipulations. Every server has emergency programs. Thus, should for example a problem with Google’s hardware occur or should a natural disaster impact the servers, any data will quite certainly stay protected.

Moreover, Google saves some data for a specified period. With some other data on the other hand, Google only offers the opportunity for deleting it manually. Furthermore, the company anonymises information (e.g. advertising data) in server logs, by deleting a part of the IP-address and cookie information after 9 to 18 months.

How can I erase my data, or prevent data retention?

Due to the automatic delete function for location and activity data, which was introduced in 2019, information that is used for determining your location and web or app activity is saved for either 3 or 18 months, depending on your preferred decision, and is deleted thereafter. Furthermore, it is possible to delete this data manually from your browser history via your Google account anytime. If you want to prevent the determination of your location altogether, you must pause the category “Web and app activity” in your Google account. Click on “Data and personalisation” and then choose the option “Activity controls”. Here you can switch the activities on or off.

Moreover, in your browser you can deactivate, delete or manage individual cookies. This function can differ a little, depending on what browser you are using. The following instructions will show you how to manage cookies in your browser:

Chrome：在Chrome中清除、启用和管理Cookie

Safari：在Safari中管理Cookie和网站数据

Firefox：在Firefox中清除Cookie和网站数据

Internet Explorer：删除和管理Cookie

Microsoft Edge：在Microsoft Edge中删除Cookie

If you generally do not want to permit any cookies, you can set up your browser in a way that ensures you get informed whenever a cookie is about to be placed. That way you can decide to either permit or refuse every single cookie.

Please note, that when using this tool, your data may also be stored and processed outside the EU. Most third countries (including the USA) are not considered secure under current European data protection law. Data to insecure third countries must not simply be transferred to, stored and processed there unless there are suitable guarantees (such as EU Standard Contractual Clauses) between us and the non-European service provider.

法律依据

If you have consented to the use of Google Maps, your consent is the legal basis for the corresponding data processing. According to Art. 6 paragraph 1 lit. a GDPR (consent) this consent is the legal basis for the processing of personal data, as can occur when processed by Google Maps.

We also have a legitimate interest in using Google Maps to optimise our online service. The corresponding legal basis for this is 《通用数据保护条例》第6条第1款f项（合法利益）. Nevertheless, we only use Google Maps if you have given your consent to it.

谷歌还会在美国等地处理您的数据。谷歌是欧盟-美国数据隐私框架的积极参与者，该框架规范了欧盟公民个人数据向美国的正确和安全传输。更多信息请参见 https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.

此外，谷歌还使用所谓的标准合同条款（《通用数据保护条例》第46条第2款和第3款）。标准合同条款（SCC）是欧盟委员会提供的模板条款，旨在确保您的数据即使在传输和存储于第三国（如美国）时也符合欧洲数据保护标准。通过欧盟-美国数据隐私框架和标准合同条款，谷歌承诺在处理您的相关数据时，即使数据在美国存储、处理和管理，也会保持欧洲数据保护水平。这些条款基于欧盟委员会的实施决定。您可以在此处找到该决定及相应的标准合同条款： https://ec.europa.eu/commission/presscorner/detail/en/ip_21_2847.

The Google Ads Data Processing Terms, which reference the standard contractual clauses, can be found at https://business.safety.google/intl/en/adsprocessorterms/.

If you want to find out more about Google’s data processing, we recommend you to read the company’s own Privacy Policy at https://policies.google.com/privacy?hl=en-GB.

Explanation of the terminology used

We always strive to make our privacy policy as clear and comprehensible as possible. However, this is not always easy, especially when it comes to technical and legal matters. It is often sensible to use legal terms (such as ‘personal data)’ or certain technical terms (such as ‘cookies’ or ‘IP address’). But we don’t want to use such terms without any explanation. This is why you will find an alphabetical list of important terms used below. These are terms we may not yet have sufficiently explained in the privacy policy. In case we have adopted any of these terms from the GDPR which are definitions, we will also list the GDPR texts here and add our own further explanations if necessary.

处理者

根据GDPR第4条的定义

就本条例而言，该术语指：

“处理者” 是指代表控制者处理个人数据的自然人或法人、公共机构、机构或其他组织；

解释： 作为公司和网站所有者，我们对我们处理的所有您的数据负责（即“控制者”）。除了控制者之外，还可能存在所谓的处理者。这包括代表我们处理个人数据的任何公司或个人。除了税务顾问等服务提供商外，处理者还可以是主机或云服务提供商、支付或通讯服务提供商，或像谷歌或微软这样的大公司。

同意

根据GDPR第4条的定义

就本条例而言，该术语指：

“同意” 指数据主体以自由给予、具体、知情且明确的方式表达其意愿，通过声明或明确的肯定行为，表示同意处理与其相关的个人数据；

解释： 在网站上，这种同意通常通过Cookie同意工具获得。您肯定遇到过这些。当您首次访问某个网站时，通常会通过横幅询问您是否同意或允许数据处理。您通常还可以进行个性化设置，从而自行决定允许哪种级别的数据处理。如果您不同意，则不得处理任何个人数据。当然，同意也可以以书面形式给出，即不是通过工具。

健康相关数据

根据GDPR第4条的定义

就本条例而言，该术语指：

“健康相关数据” 指与自然人的身体或心理健康有关的个人数据，包括提供医疗服务的信息，这些数据揭示了其健康状况的信息；

解释： 健康数据包括与您自身健康有关的所有存储信息。它通常也是记录在病人档案中的数据。例如，包括您正在使用的药物、X光片、您的全部病史或您的疫苗接种状态。

个人数据

根据GDPR第4条的定义

就本条例而言，该术语指：

“个人数据” 指与已识别或可识别的自然人（“数据主体”）有关的任何信息；可识别的自然人是指可以直接或间接被识别的人，特别是通过姓名、身份证号码、位置信息、在线标识符或与该自然人生理、身体、遗传、心理、经济、文化或社会身份有关的一个或多个特定因素来识别；

解释： 个人数据是所有可以识别您身份的数据。通常包括以下数据：

• 姓名
• 地址
• 电子邮件地址
• 邮寄地址
• 电话号码
• 生日
• 如社会保障号码、税号、身份证号码或学号等身份证号码
• 如账户号码、信用信息、账户余额等银行数据。

根据欧洲法院（ECJ）的规定，您的 IP地址也是个人数据。IT专家可以利用您的IP地址至少确定您的设备的大致位置，进而确定作为连接所有者的您的位置。因此，在GDPR范围内存储IP地址也需要法律依据。还有所谓的 “特殊类别” 个人数据，特别值得保护的数据包括：

• 种族和民族出身
• 政治观点
• 宗教或意识形态信仰
• 工会成员身份
• 遗传数据，如从血液或唾液样本中获得的数据
• 生物识别数据（即关于心理、身体或行为特征的信息，可以识别个人身份）。
  健康数据
• 与性取向或性生活有关的数据

画像分析

根据GDPR第4条的定义

就本条例而言，该术语指：

“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements;

解释： Profiling collects various personal data about an individual in order to learn more about that individual. On the internet, profiling is often used for advertising purposes or for credit checks. Web and advertising analysis programs e. g. collect data about your behaviour and interests on a website. This results in a special user profile that can be used to target advertising to specific target groups.

控制者

根据GDPR第4条的定义

就本条例而言，该术语指：

“controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;

解释： In our example, we are responsible for the processing of your personal data and are therefore the “controller”. If we pass on collected data to other service providers for processing, they are considered “contract processors”. For this, a “Data Processing Agreement (DPA)” must be concluded.

Processing

根据GDPR第4条的定义

就本条例而言，该术语指：

“processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

注意： When we talk about processing in our Privacy Policy, we talk about any type of data processing. As mentioned above in the original GDPR declaration, this includes not only the collection but also the storage and processing of data.

所有文本均受版权保护。